Date
June 26, 2025, 11:12 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 10.492110] ==================================================================
[ 10.492607] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 10.492955] Write of size 1 at addr ffff8881009a2aeb by task kunit_try_catch/175
[ 10.493180]
[ 10.493451] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.493667] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.493683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.493707] Call Trace:
[ 10.493720] <TASK>
[ 10.493740] dump_stack_lvl+0x73/0xb0
[ 10.493772] print_report+0xd1/0x650
[ 10.493795] ? __virt_addr_valid+0x1db/0x2d0
[ 10.493818] ? krealloc_more_oob_helper+0x821/0x930
[ 10.493838] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.493860] ? krealloc_more_oob_helper+0x821/0x930
[ 10.493880] kasan_report+0x141/0x180
[ 10.493901] ? krealloc_more_oob_helper+0x821/0x930
[ 10.493937] __asan_report_store1_noabort+0x1b/0x30
[ 10.493957] krealloc_more_oob_helper+0x821/0x930
[ 10.493975] ? __schedule+0x10cc/0x2b60
[ 10.493999] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.494018] ? finish_task_switch.isra.0+0x153/0x700
[ 10.494043] ? __switch_to+0x5d9/0xf60
[ 10.494064] ? dequeue_task_fair+0x166/0x4e0
[ 10.494088] ? __schedule+0x10cc/0x2b60
[ 10.494109] ? __pfx_read_tsc+0x10/0x10
[ 10.494132] krealloc_more_oob+0x1c/0x30
[ 10.494150] kunit_try_run_case+0x1a5/0x480
[ 10.494176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.494197] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.494222] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.494244] ? __kthread_parkme+0x82/0x180
[ 10.494266] ? preempt_count_sub+0x50/0x80
[ 10.494290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.494312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.494334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.494355] kthread+0x337/0x6f0
[ 10.494371] ? trace_preempt_on+0x20/0xc0
[ 10.494396] ? __pfx_kthread+0x10/0x10
[ 10.494413] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.494434] ? calculate_sigpending+0x7b/0xa0
[ 10.494455] ? __pfx_kthread+0x10/0x10
[ 10.494473] ret_from_fork+0x41/0x80
[ 10.494493] ? __pfx_kthread+0x10/0x10
[ 10.494510] ret_from_fork_asm+0x1a/0x30
[ 10.494541] </TASK>
[ 10.494552]
[ 10.503164] Allocated by task 175:
[ 10.503367] kasan_save_stack+0x45/0x70
[ 10.503547] kasan_save_track+0x18/0x40
[ 10.503718] kasan_save_alloc_info+0x3b/0x50
[ 10.503866] __kasan_krealloc+0x190/0x1f0
[ 10.504015] krealloc_noprof+0xf3/0x340
[ 10.504243] krealloc_more_oob_helper+0x1a9/0x930
[ 10.504480] krealloc_more_oob+0x1c/0x30
[ 10.504673] kunit_try_run_case+0x1a5/0x480
[ 10.504877] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.505139] kthread+0x337/0x6f0
[ 10.505431] ret_from_fork+0x41/0x80
[ 10.505618] ret_from_fork_asm+0x1a/0x30
[ 10.505884]
[ 10.505970] The buggy address belongs to the object at ffff8881009a2a00
[ 10.505970] which belongs to the cache kmalloc-256 of size 256
[ 10.506415] The buggy address is located 0 bytes to the right of
[ 10.506415] allocated 235-byte region [ffff8881009a2a00, ffff8881009a2aeb)
[ 10.507167]
[ 10.507258] The buggy address belongs to the physical page:
[ 10.507481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.507864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.508187] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.508424] page_type: f5(slab)
[ 10.508583] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.508972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.509270] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.509590] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.509882] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.510224] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.510453] page dumped because: kasan: bad access detected
[ 10.510620]
[ 10.510689] Memory state around the buggy address:
[ 10.510887] ffff8881009a2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.511476] ffff8881009a2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.511773] >ffff8881009a2a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.511995] ^
[ 10.512193] ffff8881009a2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.512414] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.512802] ==================================================================

[ 10.668009] ==================================================================
[ 10.668635] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 10.669048] Write of size 1 at addr ffff8881028920eb by task kunit_try_catch/179
[ 10.669382]
[ 10.669497] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.669542] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.669573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.669594] Call Trace:
[ 10.669608] <TASK>
[ 10.669627] dump_stack_lvl+0x73/0xb0
[ 10.669653] print_report+0xd1/0x650
[ 10.669675] ? __virt_addr_valid+0x1db/0x2d0
[ 10.669696] ? krealloc_more_oob_helper+0x821/0x930
[ 10.669716] ? kasan_addr_to_slab+0x11/0xa0
[ 10.669736] ? krealloc_more_oob_helper+0x821/0x930
[ 10.669756] kasan_report+0x141/0x180
[ 10.669778] ? krealloc_more_oob_helper+0x821/0x930
[ 10.669802] __asan_report_store1_noabort+0x1b/0x30
[ 10.669822] krealloc_more_oob_helper+0x821/0x930
[ 10.669841] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 10.669867] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.669887] ? irqentry_exit+0x2a/0x60
[ 10.669904] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 10.669937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.669964] ? __pfx_read_tsc+0x10/0x10
[ 10.669987] krealloc_large_more_oob+0x1c/0x30
[ 10.670006] kunit_try_run_case+0x1a5/0x480
[ 10.670028] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.670049] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.670073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.670095] ? __kthread_parkme+0x82/0x180
[ 10.670117] ? preempt_count_sub+0x50/0x80
[ 10.670142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.670164] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.670186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.670208] kthread+0x337/0x6f0
[ 10.670225] ? trace_preempt_on+0x20/0xc0
[ 10.670248] ? __pfx_kthread+0x10/0x10
[ 10.670265] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.670286] ? calculate_sigpending+0x7b/0xa0
[ 10.670308] ? __pfx_kthread+0x10/0x10
[ 10.670326] ret_from_fork+0x41/0x80
[ 10.670346] ? __pfx_kthread+0x10/0x10
[ 10.670362] ret_from_fork_asm+0x1a/0x30
[ 10.670393] </TASK>
[ 10.670404]
[ 10.677623] The buggy address belongs to the physical page:
[ 10.677813] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102890
[ 10.678068] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.678397] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.678670] page_type: f8(unknown)
[ 10.678852] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.679134] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.679395] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.679764] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.680112] head: 0200000000000002 ffffea00040a2401 00000000ffffffff 00000000ffffffff
[ 10.680433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.680732] page dumped because: kasan: bad access detected
[ 10.680903]
[ 10.680979] Memory state around the buggy address:
[ 10.681140] ffff888102891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.681461] ffff888102892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.681800] >ffff888102892080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 10.682058] ^
[ 10.682258] ffff888102892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.682476] ffff888102892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.682808] ==================================================================

[ 10.513426] ==================================================================
[ 10.514180] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 10.514531] Write of size 1 at addr ffff8881009a2af0 by task kunit_try_catch/175
[ 10.515348]
[ 10.515479] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.515526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.515537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.515557] Call Trace:
[ 10.515575] <TASK>
[ 10.515593] dump_stack_lvl+0x73/0xb0
[ 10.515619] print_report+0xd1/0x650
[ 10.515642] ? __virt_addr_valid+0x1db/0x2d0
[ 10.515662] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.515681] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.515703] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.515724] kasan_report+0x141/0x180
[ 10.515747] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.515771] __asan_report_store1_noabort+0x1b/0x30
[ 10.515791] krealloc_more_oob_helper+0x7eb/0x930
[ 10.515810] ? __schedule+0x10cc/0x2b60
[ 10.515833] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.515853] ? finish_task_switch.isra.0+0x153/0x700
[ 10.515875] ? __switch_to+0x5d9/0xf60
[ 10.515895] ? dequeue_task_fair+0x166/0x4e0
[ 10.515936] ? __schedule+0x10cc/0x2b60
[ 10.515957] ? __pfx_read_tsc+0x10/0x10
[ 10.515980] krealloc_more_oob+0x1c/0x30
[ 10.515997] kunit_try_run_case+0x1a5/0x480
[ 10.516022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.516043] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.516066] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.516088] ? __kthread_parkme+0x82/0x180
[ 10.516109] ? preempt_count_sub+0x50/0x80
[ 10.516132] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.516155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.516178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.516200] kthread+0x337/0x6f0
[ 10.516216] ? trace_preempt_on+0x20/0xc0
[ 10.516239] ? __pfx_kthread+0x10/0x10
[ 10.516264] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.516284] ? calculate_sigpending+0x7b/0xa0
[ 10.516305] ? __pfx_kthread+0x10/0x10
[ 10.516323] ret_from_fork+0x41/0x80
[ 10.516342] ? __pfx_kthread+0x10/0x10
[ 10.516359] ret_from_fork_asm+0x1a/0x30
[ 10.516389] </TASK>
[ 10.516400]
[ 10.524577] Allocated by task 175:
[ 10.524826] kasan_save_stack+0x45/0x70
[ 10.525044] kasan_save_track+0x18/0x40
[ 10.525179] kasan_save_alloc_info+0x3b/0x50
[ 10.525322] __kasan_krealloc+0x190/0x1f0
[ 10.525459] krealloc_noprof+0xf3/0x340
[ 10.525592] krealloc_more_oob_helper+0x1a9/0x930
[ 10.525956] krealloc_more_oob+0x1c/0x30
[ 10.526156] kunit_try_run_case+0x1a5/0x480
[ 10.526367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.526611] kthread+0x337/0x6f0
[ 10.526786] ret_from_fork+0x41/0x80
[ 10.527174] ret_from_fork_asm+0x1a/0x30
[ 10.527382]
[ 10.527477] The buggy address belongs to the object at ffff8881009a2a00
[ 10.527477] which belongs to the cache kmalloc-256 of size 256
[ 10.527988] The buggy address is located 5 bytes to the right of
[ 10.527988] allocated 235-byte region [ffff8881009a2a00, ffff8881009a2aeb)
[ 10.528370]
[ 10.528445] The buggy address belongs to the physical page:
[ 10.528615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.528947] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.529274] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.529608] page_type: f5(slab)
[ 10.529849] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.530152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.530384] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.530720] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.531129] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.531710] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.532189] page dumped because: kasan: bad access detected
[ 10.532433]
[ 10.532507] Memory state around the buggy address:
[ 10.532716] ffff8881009a2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.533081] ffff8881009a2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.533376] >ffff8881009a2a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.533633] ^
[ 10.534659] ffff8881009a2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.534962] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.535240] ==================================================================

[ 10.683862] ==================================================================
[ 10.684211] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 10.684497] Write of size 1 at addr ffff8881028920f0 by task kunit_try_catch/179
[ 10.685136]
[ 10.685237] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.685280] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.685292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.685312] Call Trace:
[ 10.685324] <TASK>
[ 10.685339] dump_stack_lvl+0x73/0xb0
[ 10.685366] print_report+0xd1/0x650
[ 10.685390] ? __virt_addr_valid+0x1db/0x2d0
[ 10.685413] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.685433] ? kasan_addr_to_slab+0x11/0xa0
[ 10.685454] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.685473] kasan_report+0x141/0x180
[ 10.685495] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.685519] __asan_report_store1_noabort+0x1b/0x30
[ 10.685540] krealloc_more_oob_helper+0x7eb/0x930
[ 10.685581] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 10.685607] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.685627] ? irqentry_exit+0x2a/0x60
[ 10.685645] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 10.685669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.685697] ? __pfx_read_tsc+0x10/0x10
[ 10.685722] krealloc_large_more_oob+0x1c/0x30
[ 10.685742] kunit_try_run_case+0x1a5/0x480
[ 10.685765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.685786] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.685811] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.685833] ? __kthread_parkme+0x82/0x180
[ 10.685857] ? preempt_count_sub+0x50/0x80
[ 10.685884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.685908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.685940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.685963] kthread+0x337/0x6f0
[ 10.685979] ? trace_preempt_on+0x20/0xc0
[ 10.686004] ? __pfx_kthread+0x10/0x10
[ 10.686021] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.686042] ? calculate_sigpending+0x7b/0xa0
[ 10.686064] ? __pfx_kthread+0x10/0x10
[ 10.686082] ret_from_fork+0x41/0x80
[ 10.686102] ? __pfx_kthread+0x10/0x10
[ 10.686119] ret_from_fork_asm+0x1a/0x30
[ 10.686150] </TASK>
[ 10.686160]
[ 10.693191] The buggy address belongs to the physical page:
[ 10.693457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102890
[ 10.693785] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.694024] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.694273] page_type: f8(unknown)
[ 10.694454] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.694817] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.695085] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.695397] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.695719] head: 0200000000000002 ffffea00040a2401 00000000ffffffff 00000000ffffffff
[ 10.696037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.696343] page dumped because: kasan: bad access detected
[ 10.696587]
[ 10.696680] Memory state around the buggy address:
[ 10.696885] ffff888102891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.697168] ffff888102892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.697434] >ffff888102892080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 10.697712] ^
[ 10.697926] ffff888102892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.698237] ffff888102892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.698546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.271443] ==================================================================
[ 10.272888] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 10.273698] Read of size 1 at addr ffff8881037fb000 by task kunit_try_catch/159
[ 10.274250]
[ 10.274638] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.274693] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.274705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.274729] Call Trace:
[ 10.274744] <TASK>
[ 10.274765] dump_stack_lvl+0x73/0xb0
[ 10.274798] print_report+0xd1/0x650
[ 10.274822] ? __virt_addr_valid+0x1db/0x2d0
[ 10.274845] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.274866] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.274888] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.274908] kasan_report+0x141/0x180
[ 10.274943] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.274967] __asan_report_load1_noabort+0x18/0x20
[ 10.274987] kmalloc_node_oob_right+0x369/0x3c0
[ 10.275009] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 10.275029] ? __schedule+0x10cc/0x2b60
[ 10.275052] ? __pfx_read_tsc+0x10/0x10
[ 10.275072] ? ktime_get_ts64+0x86/0x230
[ 10.275101] kunit_try_run_case+0x1a5/0x480
[ 10.275127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.275148] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.275173] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.275195] ? __kthread_parkme+0x82/0x180
[ 10.275218] ? preempt_count_sub+0x50/0x80
[ 10.275244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.275267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.275289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.275311] kthread+0x337/0x6f0
[ 10.275327] ? trace_preempt_on+0x20/0xc0
[ 10.275351] ? __pfx_kthread+0x10/0x10
[ 10.275368] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.275389] ? calculate_sigpending+0x7b/0xa0
[ 10.275410] ? __pfx_kthread+0x10/0x10
[ 10.275428] ret_from_fork+0x41/0x80
[ 10.275447] ? __pfx_kthread+0x10/0x10
[ 10.275464] ret_from_fork_asm+0x1a/0x30
[ 10.275496] </TASK>
[ 10.275507]
[ 10.283560] Allocated by task 159:
[ 10.283904] kasan_save_stack+0x45/0x70
[ 10.284168] kasan_save_track+0x18/0x40
[ 10.284368] kasan_save_alloc_info+0x3b/0x50
[ 10.284539] __kasan_kmalloc+0xb7/0xc0
[ 10.284903] __kmalloc_cache_node_noprof+0x188/0x420
[ 10.285172] kmalloc_node_oob_right+0xab/0x3c0
[ 10.285329] kunit_try_run_case+0x1a5/0x480
[ 10.285477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.285668] kthread+0x337/0x6f0
[ 10.285834] ret_from_fork+0x41/0x80
[ 10.286062] ret_from_fork_asm+0x1a/0x30
[ 10.286260]
[ 10.286355] The buggy address belongs to the object at ffff8881037fa000
[ 10.286355] which belongs to the cache kmalloc-4k of size 4096
[ 10.287298] The buggy address is located 0 bytes to the right of
[ 10.287298] allocated 4096-byte region [ffff8881037fa000, ffff8881037fb000)
[ 10.287948]
[ 10.288065] The buggy address belongs to the physical page:
[ 10.288442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1037f8
[ 10.289258] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.289576] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.290052] page_type: f5(slab)
[ 10.290232] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.290586] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.290985] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.291399] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.291797] head: 0200000000000003 ffffea00040dfe01 00000000ffffffff 00000000ffffffff
[ 10.292233] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 10.292607] page dumped because: kasan: bad access detected
[ 10.292898]
[ 10.293014] Memory state around the buggy address:
[ 10.293275] ffff8881037faf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.293592] ffff8881037faf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.293981] >ffff8881037fb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.294369] ^
[ 10.294525] ffff8881037fb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.294851] ffff8881037fb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.295336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.221629] ==================================================================
[ 10.222933] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 10.223579] Read of size 1 at addr ffff8881025a7f3f by task kunit_try_catch/157
[ 10.224463]
[ 10.224594] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.224668] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.224695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.224724] Call Trace:
[ 10.224738] <TASK>
[ 10.224759] dump_stack_lvl+0x73/0xb0
[ 10.224790] print_report+0xd1/0x650
[ 10.224813] ? __virt_addr_valid+0x1db/0x2d0
[ 10.224836] ? kmalloc_oob_left+0x361/0x3c0
[ 10.224857] ? kasan_complete_mode_report_info+0x64/0x200
[ 10.224879] ? kmalloc_oob_left+0x361/0x3c0
[ 10.224901] kasan_report+0x141/0x180
[ 10.224933] ? kmalloc_oob_left+0x361/0x3c0
[ 10.224959] __asan_report_load1_noabort+0x18/0x20
[ 10.224979] kmalloc_oob_left+0x361/0x3c0
[ 10.225001] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 10.225023] ? __schedule+0x10cc/0x2b60
[ 10.225046] ? __pfx_read_tsc+0x10/0x10
[ 10.225066] ? ktime_get_ts64+0x86/0x230
[ 10.225092] kunit_try_run_case+0x1a5/0x480
[ 10.225118] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.225139] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.225163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.225185] ? __kthread_parkme+0x82/0x180
[ 10.225208] ? preempt_count_sub+0x50/0x80
[ 10.225233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.225256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.225278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.225300] kthread+0x337/0x6f0
[ 10.225316] ? trace_preempt_on+0x20/0xc0
[ 10.225340] ? __pfx_kthread+0x10/0x10
[ 10.225357] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.225378] ? calculate_sigpending+0x7b/0xa0
[ 10.225399] ? __pfx_kthread+0x10/0x10
[ 10.225416] ret_from_fork+0x41/0x80
[ 10.225436] ? __pfx_kthread+0x10/0x10
[ 10.225453] ret_from_fork_asm+0x1a/0x30
[ 10.225484] </TASK>
[ 10.225495]
[ 10.239347] Allocated by task 48:
[ 10.239795] kasan_save_stack+0x45/0x70
[ 10.240218] kasan_save_track+0x18/0x40
[ 10.240365] kasan_save_alloc_info+0x3b/0x50
[ 10.240508] __kasan_kmalloc+0xb7/0xc0
[ 10.240972] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.241492] kvasprintf+0xc5/0x150
[ 10.241909] kasprintf+0xb6/0xf0
[ 10.242241] input_devnode+0x46/0x80
[ 10.242414] device_get_devnode+0x145/0x2a0
[ 10.242906] dev_uevent+0x41c/0x730
[ 10.243180] kobject_uevent_env+0x50d/0xff0
[ 10.243328] kobject_uevent+0xf/0x20
[ 10.243456] device_add+0xe4c/0x1820
[ 10.243581] cdev_device_add+0xab/0x1c0
[ 10.244087] evdev_connect+0x356/0x480
[ 10.244444] input_attach_handler.isra.0+0x117/0x1f0
[ 10.244992] input_register_device+0x722/0xe10
[ 10.245405] psmouse_connect+0x6ed/0xe30
[ 10.245864] serio_driver_probe+0x7a/0xb0
[ 10.246193] really_probe+0x1d4/0x920
[ 10.246330] __driver_probe_device+0x18f/0x3e0
[ 10.246484] driver_probe_device+0x4f/0x130
[ 10.246854] __driver_attach+0x1eb/0x4b0
[ 10.247237] bus_for_each_dev+0x10f/0x1a0
[ 10.247604] driver_attach+0x41/0x60
[ 10.248047] serio_handle_event+0x254/0x940
[ 10.248467] process_one_work+0x5ee/0xf60
[ 10.248960] worker_thread+0x758/0x1220
[ 10.249155] kthread+0x337/0x6f0
[ 10.249280] ret_from_fork+0x41/0x80
[ 10.249415] ret_from_fork_asm+0x1a/0x30
[ 10.249555]
[ 10.249819] Freed by task 48:
[ 10.250188] kasan_save_stack+0x45/0x70
[ 10.250561] kasan_save_track+0x18/0x40
[ 10.251054] kasan_save_free_info+0x3f/0x60
[ 10.251433] __kasan_slab_free+0x56/0x70
[ 10.251864] kfree+0x222/0x3f0
[ 10.252161] dev_uevent+0x466/0x730
[ 10.252480] kobject_uevent_env+0x50d/0xff0
[ 10.252627] kobject_uevent+0xf/0x20
[ 10.252887] device_add+0xe4c/0x1820
[ 10.253235] cdev_device_add+0xab/0x1c0
[ 10.253567] evdev_connect+0x356/0x480
[ 10.253930] input_attach_handler.isra.0+0x117/0x1f0
[ 10.254100] input_register_device+0x722/0xe10
[ 10.254247] psmouse_connect+0x6ed/0xe30
[ 10.254385] serio_driver_probe+0x7a/0xb0
[ 10.254523] really_probe+0x1d4/0x920
[ 10.254781] __driver_probe_device+0x18f/0x3e0
[ 10.255241] driver_probe_device+0x4f/0x130
[ 10.255647] __driver_attach+0x1eb/0x4b0
[ 10.256084] bus_for_each_dev+0x10f/0x1a0
[ 10.256441] driver_attach+0x41/0x60
[ 10.256844] serio_handle_event+0x254/0x940
[ 10.257225] process_one_work+0x5ee/0xf60
[ 10.257605] worker_thread+0x758/0x1220
[ 10.258040] kthread+0x337/0x6f0
[ 10.258339] ret_from_fork+0x41/0x80
[ 10.258695] ret_from_fork_asm+0x1a/0x30
[ 10.259035]
[ 10.259118] The buggy address belongs to the object at ffff8881025a7f20
[ 10.259118] which belongs to the cache kmalloc-16 of size 16
[ 10.259479] The buggy address is located 15 bytes to the right of
[ 10.259479] allocated 16-byte region [ffff8881025a7f20, ffff8881025a7f30)
[ 10.260636]
[ 10.260832] The buggy address belongs to the physical page:
[ 10.261344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7
[ 10.262125] flags: 0x200000000000000(node=0|zone=2)
[ 10.262641] page_type: f5(slab)
[ 10.262857] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.263099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.263317] page dumped because: kasan: bad access detected
[ 10.263481]
[ 10.263555] Memory state around the buggy address:
[ 10.263706] ffff8881025a7e00: fa fb fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc
[ 10.263913] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc
[ 10.264625] >ffff8881025a7f00: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc
[ 10.265344] ^
[ 10.265909] ffff8881025a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.266637] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.267377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.173973] ==================================================================
[ 10.174649] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.175292] Write of size 1 at addr ffff8881029eaf78 by task kunit_try_catch/155
[ 10.176040]
[ 10.176155] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.176209] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.176221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.176242] Call Trace:
[ 10.176268] <TASK>
[ 10.176286] dump_stack_lvl+0x73/0xb0
[ 10.176312] print_report+0xd1/0x650
[ 10.176334] ? __virt_addr_valid+0x1db/0x2d0
[ 10.176356] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.176376] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.176398] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.176419] kasan_report+0x141/0x180
[ 10.176441] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.176467] __asan_report_store1_noabort+0x1b/0x30
[ 10.176487] kmalloc_oob_right+0x6bd/0x7f0
[ 10.176509] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.176531] ? __schedule+0x10cc/0x2b60
[ 10.176554] ? __pfx_read_tsc+0x10/0x10
[ 10.176574] ? ktime_get_ts64+0x86/0x230
[ 10.176598] kunit_try_run_case+0x1a5/0x480
[ 10.176623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.176644] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.176667] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.176689] ? __kthread_parkme+0x82/0x180
[ 10.176711] ? preempt_count_sub+0x50/0x80
[ 10.176736] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.176759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.176781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.176803] kthread+0x337/0x6f0
[ 10.176819] ? trace_preempt_on+0x20/0xc0
[ 10.176842] ? __pfx_kthread+0x10/0x10
[ 10.176859] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.176880] ? calculate_sigpending+0x7b/0xa0
[ 10.176901] ? __pfx_kthread+0x10/0x10
[ 10.176931] ret_from_fork+0x41/0x80
[ 10.176951] ? __pfx_kthread+0x10/0x10
[ 10.176968] ret_from_fork_asm+0x1a/0x30
[ 10.176997] </TASK>
[ 10.177007]
[ 10.186562] Allocated by task 155:
[ 10.186938] kasan_save_stack+0x45/0x70
[ 10.187366] kasan_save_track+0x18/0x40
[ 10.187722] kasan_save_alloc_info+0x3b/0x50
[ 10.188117] __kasan_kmalloc+0xb7/0xc0
[ 10.188460] __kmalloc_cache_noprof+0x189/0x420
[ 10.188901] kmalloc_oob_right+0xa9/0x7f0
[ 10.189287] kunit_try_run_case+0x1a5/0x480
[ 10.189683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.190155] kthread+0x337/0x6f0
[ 10.190359] ret_from_fork+0x41/0x80
[ 10.190495] ret_from_fork_asm+0x1a/0x30
[ 10.190654]
[ 10.190727] The buggy address belongs to the object at ffff8881029eaf00
[ 10.190727] which belongs to the cache kmalloc-128 of size 128
[ 10.191098] The buggy address is located 5 bytes to the right of
[ 10.191098] allocated 115-byte region [ffff8881029eaf00, ffff8881029eaf73)
[ 10.191467]
[ 10.191540] The buggy address belongs to the physical page:
[ 10.191812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ea
[ 10.192064] flags: 0x200000000000000(node=0|zone=2)
[ 10.192228] page_type: f5(slab)
[ 10.192358] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.192639] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.193127] page dumped because: kasan: bad access detected
[ 10.193299]
[ 10.193366] Memory state around the buggy address:
[ 10.193521] ffff8881029eae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.193769] ffff8881029eae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.194014] >ffff8881029eaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.194224] ^
[ 10.194435] ffff8881029eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.194676] ffff8881029eb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.195263] ==================================================================

[ 10.196237] ==================================================================
[ 10.196481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 10.196738] Read of size 1 at addr ffff8881029eaf80 by task kunit_try_catch/155
[ 10.197353]
[ 10.197526] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.197571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.197582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.197603] Call Trace:
[ 10.197621] <TASK>
[ 10.197638] dump_stack_lvl+0x73/0xb0
[ 10.197663] print_report+0xd1/0x650
[ 10.197685] ? __virt_addr_valid+0x1db/0x2d0
[ 10.197706] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.197727] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.197748] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.197770] kasan_report+0x141/0x180
[ 10.197792] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.197818] __asan_report_load1_noabort+0x18/0x20
[ 10.197838] kmalloc_oob_right+0x68a/0x7f0
[ 10.197859] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.197882] ? __schedule+0x10cc/0x2b60
[ 10.197905] ? __pfx_read_tsc+0x10/0x10
[ 10.197935] ? ktime_get_ts64+0x86/0x230
[ 10.197960] kunit_try_run_case+0x1a5/0x480
[ 10.197985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.198006] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.198029] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.198051] ? __kthread_parkme+0x82/0x180
[ 10.198073] ? preempt_count_sub+0x50/0x80
[ 10.198098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.198121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.198143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.198165] kthread+0x337/0x6f0
[ 10.198182] ? trace_preempt_on+0x20/0xc0
[ 10.198205] ? __pfx_kthread+0x10/0x10
[ 10.198222] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.198243] ? calculate_sigpending+0x7b/0xa0
[ 10.198264] ? __pfx_kthread+0x10/0x10
[ 10.198282] ret_from_fork+0x41/0x80
[ 10.198301] ? __pfx_kthread+0x10/0x10
[ 10.198319] ret_from_fork_asm+0x1a/0x30
[ 10.198349] </TASK>
[ 10.198359]
[ 10.209275] Allocated by task 155:
[ 10.209413] kasan_save_stack+0x45/0x70
[ 10.209572] kasan_save_track+0x18/0x40
[ 10.209927] kasan_save_alloc_info+0x3b/0x50
[ 10.210346] __kasan_kmalloc+0xb7/0xc0
[ 10.210723] __kmalloc_cache_noprof+0x189/0x420
[ 10.211167] kmalloc_oob_right+0xa9/0x7f0
[ 10.211612] kunit_try_run_case+0x1a5/0x480
[ 10.211961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.212160] kthread+0x337/0x6f0
[ 10.212327] ret_from_fork+0x41/0x80
[ 10.212475] ret_from_fork_asm+0x1a/0x30
[ 10.212684]
[ 10.212778] The buggy address belongs to the object at ffff8881029eaf00
[ 10.212778] which belongs to the cache kmalloc-128 of size 128
[ 10.213241] The buggy address is located 13 bytes to the right of
[ 10.213241] allocated 115-byte region [ffff8881029eaf00, ffff8881029eaf73)
[ 10.213709]
[ 10.213787] The buggy address belongs to the physical page:
[ 10.214069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ea
[ 10.214401] flags: 0x200000000000000(node=0|zone=2)
[ 10.214574] page_type: f5(slab)
[ 10.214747] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.215109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.215385] page dumped because: kasan: bad access detected
[ 10.215578]
[ 10.215673] Memory state around the buggy address:
[ 10.215928] ffff8881029eae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.216255] ffff8881029eaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.216503] >ffff8881029eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.216937] ^
[ 10.217099] ffff8881029eb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.217371] ffff8881029eb080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.217609] ==================================================================

[ 10.137295] ==================================================================
[ 10.137928] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.139004] Write of size 1 at addr ffff8881029eaf73 by task kunit_try_catch/155
[ 10.139639]
[ 10.140734] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.141027] Tainted: [N]=TEST
[ 10.141059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.141289] Call Trace:
[ 10.141356] <TASK>
[ 10.141501] dump_stack_lvl+0x73/0xb0
[ 10.141583] print_report+0xd1/0x650
[ 10.141613] ? __virt_addr_valid+0x1db/0x2d0
[ 10.141636] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.141658] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.141680] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.141701] kasan_report+0x141/0x180
[ 10.141723] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.141749] __asan_report_store1_noabort+0x1b/0x30
[ 10.141770] kmalloc_oob_right+0x6f0/0x7f0
[ 10.141792] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.141814] ? __schedule+0x10cc/0x2b60
[ 10.141837] ? __pfx_read_tsc+0x10/0x10
[ 10.141857] ? ktime_get_ts64+0x86/0x230
[ 10.141884] kunit_try_run_case+0x1a5/0x480
[ 10.141910] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.141942] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.141966] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.141989] ? __kthread_parkme+0x82/0x180
[ 10.142013] ? preempt_count_sub+0x50/0x80
[ 10.142038] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.142061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.142083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.142105] kthread+0x337/0x6f0
[ 10.142122] ? trace_preempt_on+0x20/0xc0
[ 10.142146] ? __pfx_kthread+0x10/0x10
[ 10.142163] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.142184] ? calculate_sigpending+0x7b/0xa0
[ 10.142205] ? __pfx_kthread+0x10/0x10
[ 10.142223] ret_from_fork+0x41/0x80
[ 10.142243] ?
__pfx_kthread+0x10/0x10 [ 10.142260] ret_from_fork_asm+0x1a/0x30 [ 10.142312] </TASK> [ 10.142374] [ 10.152743] Allocated by task 155: [ 10.153325] kasan_save_stack+0x45/0x70 [ 10.154064] kasan_save_track+0x18/0x40 [ 10.154559] kasan_save_alloc_info+0x3b/0x50 [ 10.155166] __kasan_kmalloc+0xb7/0xc0 [ 10.155653] __kmalloc_cache_noprof+0x189/0x420 [ 10.156057] kmalloc_oob_right+0xa9/0x7f0 [ 10.156543] kunit_try_run_case+0x1a5/0x480 [ 10.156853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.157051] kthread+0x337/0x6f0 [ 10.157172] ret_from_fork+0x41/0x80 [ 10.157303] ret_from_fork_asm+0x1a/0x30 [ 10.157489] [ 10.157956] The buggy address belongs to the object at ffff8881029eaf00 [ 10.157956] which belongs to the cache kmalloc-128 of size 128 [ 10.159824] The buggy address is located 0 bytes to the right of [ 10.159824] allocated 115-byte region [ffff8881029eaf00, ffff8881029eaf73) [ 10.161426] [ 10.161831] The buggy address belongs to the physical page: [ 10.162814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ea [ 10.163906] flags: 0x200000000000000(node=0|zone=2) [ 10.165070] page_type: f5(slab) [ 10.166010] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.166857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.167423] page dumped because: kasan: bad access detected [ 10.167619] [ 10.167828] Memory state around the buggy address: [ 10.168584] ffff8881029eae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.169354] ffff8881029eae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.170230] >ffff8881029eaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.171033] ^ [ 10.171294] ffff8881029eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.171510] ffff8881029eb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.171964] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.077524] WARNING: CPU: 1 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.078345] Modules linked in: [ 141.078503] CPU: 1 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 141.079377] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.080075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.081137] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.081815] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 00 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.083121] RSP: 0000:ffff888107177c78 EFLAGS: 00010286 [ 141.083317] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.083727] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff886240b4 [ 141.084540] RBP: ffff888107177ca0 R08: 0000000000000000 R09: ffffed1020499b20 [ 141.085120] R10: ffff8881024cd907 R11: 0000000000000000 R12: ffffffff886240a0 [ 141.085467] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107177d38 [ 141.085985] FS: 0000000000000000(0000) GS:ffff8881d0b93000(0000) knlGS:0000000000000000 [ 141.086410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.086905] CR2: 00007ffff7ffe000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 141.087203] DR0: ffffffff8a630904 DR1: ffffffff8a630909 DR2: ffffffff8a63090a [ 141.087487] DR3: ffffffff8a63090b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.088098] Call Trace: [ 141.088320] <TASK> [ 141.088591] drm_test_rect_calc_vscale+0x108/0x270 [ 141.089078] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.089601] ? __schedule+0x10cc/0x2b60 [ 141.090095] ? __pfx_read_tsc+0x10/0x10 [ 141.090482] ? ktime_get_ts64+0x86/0x230 [ 141.091015] kunit_try_run_case+0x1a5/0x480 [ 141.091259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.091457] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.091663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.092230] ? __kthread_parkme+0x82/0x180 [ 141.092695] ? preempt_count_sub+0x50/0x80 [ 141.093687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.094064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.094345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.094650] kthread+0x337/0x6f0 [ 141.094798] ? trace_preempt_on+0x20/0xc0 [ 141.095121] ? __pfx_kthread+0x10/0x10 [ 141.095308] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.095550] ? calculate_sigpending+0x7b/0xa0 [ 141.095793] ? __pfx_kthread+0x10/0x10 [ 141.096023] ret_from_fork+0x41/0x80 [ 141.096302] ? __pfx_kthread+0x10/0x10 [ 141.096460] ret_from_fork_asm+0x1a/0x30 [ 141.096699] </TASK> [ 141.096974] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.049648] WARNING: CPU: 1 PID: 2739 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.050476] Modules linked in: [ 141.050952] CPU: 1 UID: 0 PID: 2739 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 141.051701] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.052176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.052935] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.053498] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 00 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.055203] RSP: 0000:ffff888103c6fc78 EFLAGS: 00010286 [ 141.055765] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.056406] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8862407c [ 141.057097] RBP: ffff888103c6fca0 R08: 0000000000000000 R09: ffffed1020499ac0 [ 141.057317] R10: ffff8881024cd607 R11: 0000000000000000 R12: ffffffff88624068 [ 141.057613] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103c6fd38 [ 141.058338] 
FS: 0000000000000000(0000) GS:ffff8881d0b93000(0000) knlGS:0000000000000000 [ 141.059227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.059883] CR2: 00007ffff7ffe000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 141.060529] DR0: ffffffff8a630904 DR1: ffffffff8a630909 DR2: ffffffff8a63090a [ 141.061131] DR3: ffffffff8a63090b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.061348] Call Trace: [ 141.061448] <TASK> [ 141.061579] drm_test_rect_calc_vscale+0x108/0x270 [ 141.061893] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.062573] ? __schedule+0x10cc/0x2b60 [ 141.063127] ? __pfx_read_tsc+0x10/0x10 [ 141.063564] ? ktime_get_ts64+0x86/0x230 [ 141.063761] kunit_try_run_case+0x1a5/0x480 [ 141.064508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.065392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.065662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.066220] ? __kthread_parkme+0x82/0x180 [ 141.066695] ? preempt_count_sub+0x50/0x80 [ 141.067225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.067404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.067900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.068633] kthread+0x337/0x6f0 [ 141.069310] ? trace_preempt_on+0x20/0xc0 [ 141.069906] ? __pfx_kthread+0x10/0x10 [ 141.070297] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.070461] ? calculate_sigpending+0x7b/0xa0 [ 141.070619] ? __pfx_kthread+0x10/0x10 [ 141.070878] ret_from_fork+0x41/0x80 [ 141.071530] ? __pfx_kthread+0x10/0x10 [ 141.072037] ret_from_fork_asm+0x1a/0x30 [ 141.072551] </TASK> [ 141.072940] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.011254] WARNING: CPU: 0 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.011968] Modules linked in: [ 141.012405] CPU: 0 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 141.013651] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.014254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.015037] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.015443] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.016111] RSP: 0000:ffff888107027c78 EFLAGS: 00010286 [ 141.016302] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.016515] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff886240b8 [ 141.016724] RBP: ffff888107027ca0 R08: 0000000000000000 R09: ffffed10204c8c00 [ 141.016945] R10: ffff888102646007 R11: 0000000000000000 R12: ffffffff886240a0 [ 141.017155] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107027d38 [ 141.017365] FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000 [ 141.017601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.017778] CR2: 00007ffff7ffd000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 141.018472] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903 [ 141.019328] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.020084] Call Trace: [ 141.020458] <TASK> [ 141.020802] drm_test_rect_calc_hscale+0x108/0x270 [ 141.021336] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.022002] ? __schedule+0x10cc/0x2b60 [ 141.022420] ? __pfx_read_tsc+0x10/0x10 [ 141.023052] ? ktime_get_ts64+0x86/0x230 [ 141.023474] kunit_try_run_case+0x1a5/0x480 [ 141.024004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.024466] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.025046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.025550] ? __kthread_parkme+0x82/0x180 [ 141.026128] ? preempt_count_sub+0x50/0x80 [ 141.026584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.027084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.027657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.028502] kthread+0x337/0x6f0 [ 141.028959] ? trace_preempt_on+0x20/0xc0 [ 141.029338] ? __pfx_kthread+0x10/0x10 [ 141.029486] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.029648] ? calculate_sigpending+0x7b/0xa0 [ 141.030100] ? __pfx_kthread+0x10/0x10 [ 141.030481] ret_from_fork+0x41/0x80 [ 141.031048] ? __pfx_kthread+0x10/0x10 [ 141.031431] ret_from_fork_asm+0x1a/0x30 [ 141.031909] </TASK> [ 141.032094] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.989312] WARNING: CPU: 0 PID: 2727 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.990671] Modules linked in: [ 140.991130] CPU: 0 UID: 0 PID: 2727 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 140.992440] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.993282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.994492] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.995073] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.995614] RSP: 0000:ffff888107217c78 EFLAGS: 00010286 [ 140.996057] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.996335] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff88624080 [ 140.996627] RBP: ffff888107217ca0 R08: 0000000000000000 R09: ffffed10204c8dc0 [ 140.997402] R10: ffff888102646e07 R11: 0000000000000000 R12: ffffffff88624068 [ 140.997777] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107217d38 [ 140.998237] 
FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000 [ 140.998661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.999082] CR2: 00007ffff7ffd000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 140.999386] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903 [ 140.999901] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.000182] Call Trace: [ 141.000311] <TASK> [ 141.000437] drm_test_rect_calc_hscale+0x108/0x270 [ 141.001071] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.001500] ? __schedule+0x10cc/0x2b60 [ 141.001705] ? __pfx_read_tsc+0x10/0x10 [ 141.002004] ? ktime_get_ts64+0x86/0x230 [ 141.002337] kunit_try_run_case+0x1a5/0x480 [ 141.002519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.002945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.003175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.003495] ? __kthread_parkme+0x82/0x180 [ 141.003693] ? preempt_count_sub+0x50/0x80 [ 141.004130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.004378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.004786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.005174] kthread+0x337/0x6f0 [ 141.005340] ? trace_preempt_on+0x20/0xc0 [ 141.005694] ? __pfx_kthread+0x10/0x10 [ 141.005973] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.006389] ? calculate_sigpending+0x7b/0xa0 [ 141.006634] ? __pfx_kthread+0x10/0x10 [ 141.007009] ret_from_fork+0x41/0x80 [ 141.007280] ? __pfx_kthread+0x10/0x10 [ 141.007520] ret_from_fork_asm+0x1a/0x30 [ 141.007923] </TASK> [ 141.008034] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.162958] WARNING: CPU: 0 PID: 2525 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.163286] Modules linked in: [ 140.163511] CPU: 0 UID: 0 PID: 2525 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 140.164016] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.164293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.164654] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.164915] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.165650] RSP: 0000:ffff888106317b30 EFLAGS: 00010246 [ 140.165976] RAX: dffffc0000000000 RBX: ffff888106317c28 RCX: 0000000000000000 [ 140.166659] RDX: 1ffff11020c62f8e RSI: ffff888106317c28 RDI: ffff888106317c70 [ 140.167486] RBP: ffff888106317b70 R08: ffff888106918000 R09: ffffffff885cab60 [ 140.168273] R10: 0000000000000003 R11: 00000000846ffe75 R12: ffff888106918000 [ 140.169128] R13: ffff88810031fae8 R14: ffff888106317ba8 R15: 0000000000000000 [ 140.169915] FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000 [ 140.170258] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.170479] CR2: 00007ffff7ffd000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 140.171281] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903 [ 140.172066] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.172758] Call Trace: [ 140.172895] <TASK> [ 140.173033] ? add_dr+0xc1/0x1d0 [ 140.173349] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.173896] ? add_dr+0x148/0x1d0 [ 140.174176] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.174375] ? __drmm_add_action+0x1a4/0x280 [ 140.174648] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.175230] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.175781] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.176233] ? __schedule+0x10cc/0x2b60 [ 140.176562] ? __pfx_read_tsc+0x10/0x10 [ 140.176755] ? ktime_get_ts64+0x86/0x230 [ 140.177204] kunit_try_run_case+0x1a5/0x480 [ 140.177662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.177980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.178384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.178980] ? __kthread_parkme+0x82/0x180 [ 140.179353] ? preempt_count_sub+0x50/0x80 [ 140.179654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.180219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.180592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.181094] kthread+0x337/0x6f0 [ 140.181484] ? trace_preempt_on+0x20/0xc0 [ 140.181917] ? __pfx_kthread+0x10/0x10 [ 140.182118] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.182271] ? calculate_sigpending+0x7b/0xa0 [ 140.182422] ? __pfx_kthread+0x10/0x10 [ 140.182789] ret_from_fork+0x41/0x80 [ 140.183171] ? __pfx_kthread+0x10/0x10 [ 140.183545] ret_from_fork_asm+0x1a/0x30 [ 140.184043] </TASK> [ 140.184306] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.130784] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.131014] WARNING: CPU: 0 PID: 2521 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.132008] Modules linked in: [ 140.132261] CPU: 0 UID: 0 PID: 2521 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 140.132772] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.133100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.133493] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.133790] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 bb 84 84 00 48 c7 c1 60 5b 5c 88 4c 89 fa 48 c7 c7 c0 5b 5c 88 48 89 c6 e8 02 b0 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.134675] RSP: 0000:ffff888106b4fb68 EFLAGS: 00010282 [ 140.135029] RAX: 0000000000000000 RBX: ffff888106b4fc40 RCX: 1ffffffff1264b60 [ 140.135296] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.135595] RBP: ffff888106b4fb90 R08: 0000000000000000 R09: fffffbfff1264b60 [ 140.135871] R10: 0000000000000003 R11: 00000000000380f0 R12: ffff888106b4fc18 [ 140.136182] R13: ffff888106869000 R14: ffff888106b56000 R15: ffff88810645f400 [ 140.136674] FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000 [ 140.137060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.137393] CR2: 00007ffff7ffd000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 140.137895] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903 [ 140.138209] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.138493] Call Trace: [ 140.138627] <TASK> [ 140.138820] drm_test_framebuffer_free+0x1ab/0x610 [ 140.139054] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.139291] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.139527] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.139787] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.140114] ? __schedule+0x10cc/0x2b60 [ 140.140437] ? __pfx_read_tsc+0x10/0x10 [ 140.140817] ? ktime_get_ts64+0x86/0x230 [ 140.141013] kunit_try_run_case+0x1a5/0x480 [ 140.141243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.141414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.141825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.142107] ? __kthread_parkme+0x82/0x180 [ 140.142266] ? preempt_count_sub+0x50/0x80 [ 140.142497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.142760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.143019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.143338] kthread+0x337/0x6f0 [ 140.143474] ? trace_preempt_on+0x20/0xc0 [ 140.143876] ? __pfx_kthread+0x10/0x10 [ 140.144243] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.144469] ? calculate_sigpending+0x7b/0xa0 [ 140.144719] ? __pfx_kthread+0x10/0x10 [ 140.144950] ret_from_fork+0x41/0x80 [ 140.145174] ? __pfx_kthread+0x10/0x10 [ 140.145369] ret_from_fork_asm+0x1a/0x30 [ 140.145541] </TASK> [ 140.145644] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 138.676400] WARNING: CPU: 1 PID: 1951 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.676980] Modules linked in: [ 138.677240] CPU: 1 UID: 0 PID: 1951 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 138.677591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.678089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.678872] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.679304] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 50 f6 21 02 48 89 df e8 d8 [ 138.680445] RSP: 0000:ffff888102f37c90 EFLAGS: 00010246 [ 138.681092] RAX: dffffc0000000000 RBX: ffff888105c48000 RCX: 0000000000000000 [ 138.681671] RDX: 1ffff11020b89032 RSI: ffffffff857f4a88 RDI: ffff888105c48190 [ 138.682433] RBP: ffff888102f37ca0 R08: 1ffff11020063f69 R09: ffffed10205e6f65 [ 138.682803] R10: 0000000000000003 R11: ffffffff842049aa R12: 0000000000000000 [ 138.683478] R13: ffff888102f37d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 138.683708] FS: 0000000000000000(0000) GS:ffff8881d0b93000(0000) knlGS:0000000000000000 [ 138.684385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.684970] CR2: 00007ffff7ffe000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 138.685359] DR0: ffffffff8a630904 DR1: ffffffff8a630909 DR2: ffffffff8a63090a [ 138.685966] DR3: ffffffff8a63090b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.686449] Call Trace: [ 138.686580] <TASK> [ 138.686684] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 138.687451] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 138.688201] ? __schedule+0x10cc/0x2b60 [ 138.688357] ? __pfx_read_tsc+0x10/0x10 [ 138.688499] ? 
ktime_get_ts64+0x86/0x230 [ 138.688655] kunit_try_run_case+0x1a5/0x480 [ 138.689153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.689340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.689573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.689869] ? __kthread_parkme+0x82/0x180 [ 138.690090] ? preempt_count_sub+0x50/0x80 [ 138.690237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.690454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.690719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.691227] kthread+0x337/0x6f0 [ 138.691542] ? trace_preempt_on+0x20/0xc0 [ 138.692000] ? __pfx_kthread+0x10/0x10 [ 138.692178] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.692347] ? calculate_sigpending+0x7b/0xa0 [ 138.692832] ? __pfx_kthread+0x10/0x10 [ 138.693033] ret_from_fork+0x41/0x80 [ 138.693179] ? __pfx_kthread+0x10/0x10 [ 138.693630] ret_from_fork_asm+0x1a/0x30 [ 138.693966] </TASK> [ 138.694285] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.765326] WARNING: CPU: 0 PID: 1959 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.765898] Modules linked in: [ 138.766075] CPU: 0 UID: 0 PID: 1959 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 138.766486] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.766787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.767175] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.767604] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 50 f6 21 02 48 89 df e8 d8 [ 138.768381] RSP: 0000:ffff8881056c7c90 EFLAGS: 00010246 [ 138.768738] RAX: dffffc0000000000 RBX: ffff888105bc0000 RCX: 0000000000000000 [ 138.769074] RDX: 1ffff11020b78032 RSI: ffffffff857f4a88 RDI: ffff888105bc0190 [ 138.769306] RBP: ffff8881056c7ca0 R08: 1ffff11020063f69 R09: ffffed1020ad8f65 [ 138.769688] 
R10: 0000000000000003 R11: ffffffff842049aa R12: 0000000000000000 [ 138.770134] R13: ffff8881056c7d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 138.770448] FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000 [ 138.771037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.771267] CR2: 00007ffff7ffd000 CR3: 00000000504ba000 CR4: 00000000000006f0 [ 138.771502] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903 [ 138.771912] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.772257] Call Trace: [ 138.772401] <TASK> [ 138.772556] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 138.772898] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 138.773258] ? __schedule+0x10cc/0x2b60 [ 138.773466] ? __pfx_read_tsc+0x10/0x10 [ 138.773643] ? ktime_get_ts64+0x86/0x230 [ 138.773887] kunit_try_run_case+0x1a5/0x480 [ 138.774120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.774572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.774781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.775184] ? __kthread_parkme+0x82/0x180 [ 138.775395] ? preempt_count_sub+0x50/0x80 [ 138.775559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.775921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.776182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.776430] kthread+0x337/0x6f0 [ 138.776628] ? trace_preempt_on+0x20/0xc0 [ 138.776955] ? __pfx_kthread+0x10/0x10 [ 138.777164] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.777380] ? calculate_sigpending+0x7b/0xa0 [ 138.777575] ? __pfx_kthread+0x10/0x10 [ 138.777762] ret_from_fork+0x41/0x80 [ 138.778168] ? __pfx_kthread+0x10/0x10 [ 138.778442] ret_from_fork_asm+0x1a/0x30 [ 138.778659] </TASK> [ 138.778859] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 12.830590] ==================================================================
[ 12.831615] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 12.832081] Read of size 1 at addr ffff888102a07fd0 by task kunit_try_catch/278
[ 12.832368]
[ 12.832488] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 12.832538] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.832553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.832576] Call Trace:
[ 12.832588] <TASK>
[ 12.832608] dump_stack_lvl+0x73/0xb0
[ 12.832634] print_report+0xd1/0x650
[ 12.832659] ? __virt_addr_valid+0x1db/0x2d0
[ 12.832682] ? strcmp+0xb0/0xc0
[ 12.832699] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.832722] ? strcmp+0xb0/0xc0
[ 12.832741] kasan_report+0x141/0x180
[ 12.832763] ? strcmp+0xb0/0xc0
[ 12.832785] __asan_report_load1_noabort+0x18/0x20
[ 12.832805] strcmp+0xb0/0xc0
[ 12.832824] kasan_strings+0x431/0xe80
[ 12.832844] ? trace_hardirqs_on+0x37/0xe0
[ 12.832867] ? __pfx_kasan_strings+0x10/0x10
[ 12.832888] ? finish_task_switch.isra.0+0x153/0x700
[ 12.832912] ? __switch_to+0x5d9/0xf60
[ 12.832944] ? dequeue_task_fair+0x156/0x4e0
[ 12.832968] ? __schedule+0x10cc/0x2b60
[ 12.832991] ? __pfx_read_tsc+0x10/0x10
[ 12.833011] ? ktime_get_ts64+0x86/0x230
[ 12.833035] kunit_try_run_case+0x1a5/0x480
[ 12.833061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.833083] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.833107] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.833129] ? __kthread_parkme+0x82/0x180
[ 12.833152] ? preempt_count_sub+0x50/0x80
[ 12.833177] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.833199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.833222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.833245] kthread+0x337/0x6f0
[ 12.833261] ? trace_preempt_on+0x20/0xc0
[ 12.833283] ? __pfx_kthread+0x10/0x10
[ 12.833300] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.833322] ? calculate_sigpending+0x7b/0xa0
[ 12.833343] ? __pfx_kthread+0x10/0x10
[ 12.833361] ret_from_fork+0x41/0x80
[ 12.833382] ? __pfx_kthread+0x10/0x10
[ 12.833399] ret_from_fork_asm+0x1a/0x30
[ 12.833430] </TASK>
[ 12.833441]
[ 12.841678] Allocated by task 278:
[ 12.841953] kasan_save_stack+0x45/0x70
[ 12.842329] kasan_save_track+0x18/0x40
[ 12.842501] kasan_save_alloc_info+0x3b/0x50
[ 12.842647] __kasan_kmalloc+0xb7/0xc0
[ 12.842779] __kmalloc_cache_noprof+0x189/0x420
[ 12.842942] kasan_strings+0xc0/0xe80
[ 12.843074] kunit_try_run_case+0x1a5/0x480
[ 12.843461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.843799] kthread+0x337/0x6f0
[ 12.843975] ret_from_fork+0x41/0x80
[ 12.844157] ret_from_fork_asm+0x1a/0x30
[ 12.844381]
[ 12.844468] Freed by task 278:
[ 12.844593] kasan_save_stack+0x45/0x70
[ 12.844834] kasan_save_track+0x18/0x40
[ 12.845041] kasan_save_free_info+0x3f/0x60
[ 12.845308] __kasan_slab_free+0x56/0x70
[ 12.845444] kfree+0x222/0x3f0
[ 12.845593] kasan_strings+0x2aa/0xe80
[ 12.845780] kunit_try_run_case+0x1a5/0x480
[ 12.845997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.846198] kthread+0x337/0x6f0
[ 12.846346] ret_from_fork+0x41/0x80
[ 12.846533] ret_from_fork_asm+0x1a/0x30
[ 12.846764]
[ 12.846834] The buggy address belongs to the object at ffff888102a07fc0
[ 12.846834] which belongs to the cache kmalloc-32 of size 32
[ 12.847509] The buggy address is located 16 bytes inside of
[ 12.847509] freed 32-byte region [ffff888102a07fc0, ffff888102a07fe0)
[ 12.848072]
[ 12.848145] The buggy address belongs to the physical page:
[ 12.848329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07
[ 12.848579] flags: 0x200000000000000(node=0|zone=2)
[ 12.848751] page_type: f5(slab)
[ 12.848906] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.849269] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 12.849621] page dumped because: kasan: bad access detected
[ 12.850183]
[ 12.850277] Memory state around the buggy address:
[ 12.850721] ffff888102a07e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.850951] ffff888102a07f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 12.851412] >ffff888102a07f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.851778] ^
[ 12.852027] ffff888102a08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.852252] ffff888102a08080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.852466] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 12.802948] ==================================================================
[ 12.803401] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 12.803696] Read of size 1 at addr ffff888102a07e98 by task kunit_try_catch/276
[ 12.804043]
[ 12.804360] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 12.804418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.804431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.804454] Call Trace:
[ 12.804467] <TASK>
[ 12.804486] dump_stack_lvl+0x73/0xb0
[ 12.804513] print_report+0xd1/0x650
[ 12.804539] ? __virt_addr_valid+0x1db/0x2d0
[ 12.804561] ? memcmp+0x1b4/0x1d0
[ 12.804579] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.804602] ? memcmp+0x1b4/0x1d0
[ 12.804621] kasan_report+0x141/0x180
[ 12.804643] ? memcmp+0x1b4/0x1d0
[ 12.804666] __asan_report_load1_noabort+0x18/0x20
[ 12.804686] memcmp+0x1b4/0x1d0
[ 12.804708] kasan_memcmp+0x18f/0x390
[ 12.805066] ? trace_hardirqs_on+0x37/0xe0
[ 12.805098] ? __pfx_kasan_memcmp+0x10/0x10
[ 12.805121] ? __kasan_check_write+0x18/0x20
[ 12.805141] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.805168] ? trace_hardirqs_on+0x37/0xe0
[ 12.805190] ? __pfx_read_tsc+0x10/0x10
[ 12.805210] ? ktime_get_ts64+0x86/0x230
[ 12.805236] kunit_try_run_case+0x1a5/0x480
[ 12.805261] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.805286] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.805308] ? __kthread_parkme+0x82/0x180
[ 12.805330] ? preempt_count_sub+0x50/0x80
[ 12.805356] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.805379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.805402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.805426] kthread+0x337/0x6f0
[ 12.805442] ? trace_preempt_on+0x20/0xc0
[ 12.805464] ? __pfx_kthread+0x10/0x10
[ 12.805482] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.805503] ? calculate_sigpending+0x7b/0xa0
[ 12.805525] ? __pfx_kthread+0x10/0x10
[ 12.805543] ret_from_fork+0x41/0x80
[ 12.805580] ? __pfx_kthread+0x10/0x10
[ 12.805598] ret_from_fork_asm+0x1a/0x30
[ 12.805628] </TASK>
[ 12.805640]
[ 12.813615] Allocated by task 276:
[ 12.813766] kasan_save_stack+0x45/0x70
[ 12.813934] kasan_save_track+0x18/0x40
[ 12.814127] kasan_save_alloc_info+0x3b/0x50
[ 12.814345] __kasan_kmalloc+0xb7/0xc0
[ 12.814539] __kmalloc_cache_noprof+0x189/0x420
[ 12.814765] kasan_memcmp+0xb7/0x390
[ 12.815017] kunit_try_run_case+0x1a5/0x480
[ 12.815212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.815409] kthread+0x337/0x6f0
[ 12.815529] ret_from_fork+0x41/0x80
[ 12.816090] ret_from_fork_asm+0x1a/0x30
[ 12.816311]
[ 12.816409] The buggy address belongs to the object at ffff888102a07e80
[ 12.816409] which belongs to the cache kmalloc-32 of size 32
[ 12.817006] The buggy address is located 0 bytes to the right of
[ 12.817006] allocated 24-byte region [ffff888102a07e80, ffff888102a07e98)
[ 12.817379]
[ 12.817472] The buggy address belongs to the physical page:
[ 12.817718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07
[ 12.818148] flags: 0x200000000000000(node=0|zone=2)
[ 12.818374] page_type: f5(slab)
[ 12.818502] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.819095] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.819389] page dumped because: kasan: bad access detected
[ 12.819597]
[ 12.819665] Memory state around the buggy address:
[ 12.819824] ffff888102a07d80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 12.820316] ffff888102a07e00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[ 12.820681] >ffff888102a07e80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.821070] ^
[ 12.821210] ffff888102a07f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.821470] ffff888102a07f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.821925] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.446672] ==================================================================
[ 11.447142] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 11.447665] Read of size 1 at addr ffff888102f60978 by task kunit_try_catch/215
[ 11.448128]
[ 11.448465] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.448526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.448537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.448557] Call Trace:
[ 11.448569] <TASK>
[ 11.448586] dump_stack_lvl+0x73/0xb0
[ 11.448622] print_report+0xd1/0x650
[ 11.448645] ? __virt_addr_valid+0x1db/0x2d0
[ 11.448666] ? ksize_uaf+0x5e4/0x6c0
[ 11.448698] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.448773] ? ksize_uaf+0x5e4/0x6c0
[ 11.448796] kasan_report+0x141/0x180
[ 11.448829] ? ksize_uaf+0x5e4/0x6c0
[ 11.448855] __asan_report_load1_noabort+0x18/0x20
[ 11.448875] ksize_uaf+0x5e4/0x6c0
[ 11.448906] ? __pfx_ksize_uaf+0x10/0x10
[ 11.448936] ? __schedule+0x10cc/0x2b60
[ 11.448959] ? __pfx_read_tsc+0x10/0x10
[ 11.448979] ? ktime_get_ts64+0x86/0x230
[ 11.449005] kunit_try_run_case+0x1a5/0x480
[ 11.449029] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.449050] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.449073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.449097] ? __kthread_parkme+0x82/0x180
[ 11.449118] ? preempt_count_sub+0x50/0x80
[ 11.449144] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.449177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.449200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.449222] kthread+0x337/0x6f0
[ 11.449249] ? trace_preempt_on+0x20/0xc0
[ 11.449273] ? __pfx_kthread+0x10/0x10
[ 11.449290] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.449311] ? calculate_sigpending+0x7b/0xa0
[ 11.449332] ? __pfx_kthread+0x10/0x10
[ 11.449350] ret_from_fork+0x41/0x80
[ 11.449371] ? __pfx_kthread+0x10/0x10
[ 11.449397] ret_from_fork_asm+0x1a/0x30
[ 11.449427] </TASK>
[ 11.449437]
[ 11.457187] Allocated by task 215:
[ 11.457360] kasan_save_stack+0x45/0x70
[ 11.457587] kasan_save_track+0x18/0x40
[ 11.457880] kasan_save_alloc_info+0x3b/0x50
[ 11.458083] __kasan_kmalloc+0xb7/0xc0
[ 11.458298] __kmalloc_cache_noprof+0x189/0x420
[ 11.458455] ksize_uaf+0xaa/0x6c0
[ 11.458577] kunit_try_run_case+0x1a5/0x480
[ 11.458737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.459238] kthread+0x337/0x6f0
[ 11.459415] ret_from_fork+0x41/0x80
[ 11.459639] ret_from_fork_asm+0x1a/0x30
[ 11.459930]
[ 11.460020] Freed by task 215:
[ 11.460173] kasan_save_stack+0x45/0x70
[ 11.460375] kasan_save_track+0x18/0x40
[ 11.460547] kasan_save_free_info+0x3f/0x60
[ 11.460860] __kasan_slab_free+0x56/0x70
[ 11.461067] kfree+0x222/0x3f0
[ 11.461227] ksize_uaf+0x12c/0x6c0
[ 11.461393] kunit_try_run_case+0x1a5/0x480
[ 11.461625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.462008] kthread+0x337/0x6f0
[ 11.462134] ret_from_fork+0x41/0x80
[ 11.462264] ret_from_fork_asm+0x1a/0x30
[ 11.462412]
[ 11.462505] The buggy address belongs to the object at ffff888102f60900
[ 11.462505] which belongs to the cache kmalloc-128 of size 128
[ 11.463283] The buggy address is located 120 bytes inside of
[ 11.463283] freed 128-byte region [ffff888102f60900, ffff888102f60980)
[ 11.463841]
[ 11.463924] The buggy address belongs to the physical page:
[ 11.464153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 11.464519] flags: 0x200000000000000(node=0|zone=2)
[ 11.464743] page_type: f5(slab)
[ 11.464896] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.465214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.465503] page dumped because: kasan: bad access detected
[ 11.465743]
[ 11.465820] Memory state around the buggy address:
[ 11.466168] ffff888102f60800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.466475] ffff888102f60880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.467028] >ffff888102f60900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.467292] ^
[ 11.467642] ffff888102f60980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.468026] ffff888102f60a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.468327] ==================================================================

[ 11.400079] ==================================================================
[ 11.401027] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 11.401377] Read of size 1 at addr ffff888102f60900 by task kunit_try_catch/215
[ 11.401693]
[ 11.401972] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.402035] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.402046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.402069] Call Trace:
[ 11.402081] <TASK>
[ 11.402101] dump_stack_lvl+0x73/0xb0
[ 11.402129] print_report+0xd1/0x650
[ 11.402162] ? __virt_addr_valid+0x1db/0x2d0
[ 11.402186] ? ksize_uaf+0x19d/0x6c0
[ 11.402206] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.402238] ? ksize_uaf+0x19d/0x6c0
[ 11.402259] kasan_report+0x141/0x180
[ 11.402281] ? ksize_uaf+0x19d/0x6c0
[ 11.402304] ? ksize_uaf+0x19d/0x6c0
[ 11.402325] __kasan_check_byte+0x3d/0x50
[ 11.402347] ksize+0x20/0x60
[ 11.402369] ksize_uaf+0x19d/0x6c0
[ 11.402389] ? __pfx_ksize_uaf+0x10/0x10
[ 11.402410] ? __schedule+0x10cc/0x2b60
[ 11.402434] ? __pfx_read_tsc+0x10/0x10
[ 11.402454] ? ktime_get_ts64+0x86/0x230
[ 11.402490] kunit_try_run_case+0x1a5/0x480
[ 11.402516] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.402537] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.402572] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.402595] ? __kthread_parkme+0x82/0x180
[ 11.402647] ? preempt_count_sub+0x50/0x80
[ 11.402674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.402697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.402719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.402740] kthread+0x337/0x6f0
[ 11.402757] ? trace_preempt_on+0x20/0xc0
[ 11.402781] ? __pfx_kthread+0x10/0x10
[ 11.402798] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.402818] ? calculate_sigpending+0x7b/0xa0
[ 11.402840] ? __pfx_kthread+0x10/0x10
[ 11.402858] ret_from_fork+0x41/0x80
[ 11.402879] ? __pfx_kthread+0x10/0x10
[ 11.402896] ret_from_fork_asm+0x1a/0x30
[ 11.402939] </TASK>
[ 11.402952]
[ 11.411192] Allocated by task 215:
[ 11.411352] kasan_save_stack+0x45/0x70
[ 11.411510] kasan_save_track+0x18/0x40
[ 11.411817] kasan_save_alloc_info+0x3b/0x50
[ 11.412037] __kasan_kmalloc+0xb7/0xc0
[ 11.412389] __kmalloc_cache_noprof+0x189/0x420
[ 11.412807] ksize_uaf+0xaa/0x6c0
[ 11.413117] kunit_try_run_case+0x1a5/0x480
[ 11.413333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.413633] kthread+0x337/0x6f0
[ 11.413866] ret_from_fork+0x41/0x80
[ 11.414053] ret_from_fork_asm+0x1a/0x30
[ 11.414219]
[ 11.414337] Freed by task 215:
[ 11.414495] kasan_save_stack+0x45/0x70
[ 11.414656] kasan_save_track+0x18/0x40
[ 11.414791] kasan_save_free_info+0x3f/0x60
[ 11.415008] __kasan_slab_free+0x56/0x70
[ 11.415203] kfree+0x222/0x3f0
[ 11.415416] ksize_uaf+0x12c/0x6c0
[ 11.415545] kunit_try_run_case+0x1a5/0x480
[ 11.415692] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.416116] kthread+0x337/0x6f0
[ 11.416294] ret_from_fork+0x41/0x80
[ 11.416475] ret_from_fork_asm+0x1a/0x30
[ 11.416860]
[ 11.416977] The buggy address belongs to the object at ffff888102f60900
[ 11.416977] which belongs to the cache kmalloc-128 of size 128
[ 11.417359] The buggy address is located 0 bytes inside of
[ 11.417359] freed 128-byte region [ffff888102f60900, ffff888102f60980)
[ 11.418278]
[ 11.418394] The buggy address belongs to the physical page:
[ 11.418620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 11.419087] flags: 0x200000000000000(node=0|zone=2)
[ 11.419395] page_type: f5(slab)
[ 11.419594] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.420067] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.420498] page dumped because: kasan: bad access detected
[ 11.420857]
[ 11.420951] Memory state around the buggy address:
[ 11.421146] ffff888102f60800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.421362] ffff888102f60880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.421672] >ffff888102f60900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.422236] ^
[ 11.422362] ffff888102f60980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.422582] ffff888102f60a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.422868] ==================================================================

[ 11.423597] ==================================================================
[ 11.424453] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 11.424906] Read of size 1 at addr ffff888102f60900 by task kunit_try_catch/215
[ 11.425137]
[ 11.425226] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.425350] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.425364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.425385] Call Trace:
[ 11.425418] <TASK>
[ 11.425437] dump_stack_lvl+0x73/0xb0
[ 11.425463] print_report+0xd1/0x650
[ 11.425499] ? __virt_addr_valid+0x1db/0x2d0
[ 11.425520] ? ksize_uaf+0x5fe/0x6c0
[ 11.425540] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.425562] ? ksize_uaf+0x5fe/0x6c0
[ 11.425583] kasan_report+0x141/0x180
[ 11.425605] ? ksize_uaf+0x5fe/0x6c0
[ 11.425630] __asan_report_load1_noabort+0x18/0x20
[ 11.425650] ksize_uaf+0x5fe/0x6c0
[ 11.425671] ? __pfx_ksize_uaf+0x10/0x10
[ 11.425692] ? __schedule+0x10cc/0x2b60
[ 11.425755] ? __pfx_read_tsc+0x10/0x10
[ 11.425788] ? ktime_get_ts64+0x86/0x230
[ 11.425815] kunit_try_run_case+0x1a5/0x480
[ 11.425839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.425871] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.425894] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.425926] ? __kthread_parkme+0x82/0x180
[ 11.425948] ? preempt_count_sub+0x50/0x80
[ 11.425982] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.426006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.426029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.426062] kthread+0x337/0x6f0
[ 11.426079] ? trace_preempt_on+0x20/0xc0
[ 11.426102] ? __pfx_kthread+0x10/0x10
[ 11.426120] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.426150] ? calculate_sigpending+0x7b/0xa0
[ 11.426171] ? __pfx_kthread+0x10/0x10
[ 11.426188] ret_from_fork+0x41/0x80
[ 11.426219] ? __pfx_kthread+0x10/0x10
[ 11.426237] ret_from_fork_asm+0x1a/0x30
[ 11.426267] </TASK>
[ 11.426278]
[ 11.434186] Allocated by task 215:
[ 11.434475] kasan_save_stack+0x45/0x70
[ 11.434701] kasan_save_track+0x18/0x40
[ 11.434882] kasan_save_alloc_info+0x3b/0x50
[ 11.435139] __kasan_kmalloc+0xb7/0xc0
[ 11.435354] __kmalloc_cache_noprof+0x189/0x420
[ 11.435537] ksize_uaf+0xaa/0x6c0
[ 11.435736] kunit_try_run_case+0x1a5/0x480
[ 11.435914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.436360] kthread+0x337/0x6f0
[ 11.436545] ret_from_fork+0x41/0x80
[ 11.436816] ret_from_fork_asm+0x1a/0x30
[ 11.437043]
[ 11.437128] Freed by task 215:
[ 11.437284] kasan_save_stack+0x45/0x70
[ 11.437477] kasan_save_track+0x18/0x40
[ 11.437692] kasan_save_free_info+0x3f/0x60
[ 11.437832] __kasan_slab_free+0x56/0x70
[ 11.437978] kfree+0x222/0x3f0
[ 11.438092] ksize_uaf+0x12c/0x6c0
[ 11.438291] kunit_try_run_case+0x1a5/0x480
[ 11.438509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.438811] kthread+0x337/0x6f0
[ 11.439057] ret_from_fork+0x41/0x80
[ 11.439250] ret_from_fork_asm+0x1a/0x30
[ 11.439441]
[ 11.439540] The buggy address belongs to the object at ffff888102f60900
[ 11.439540] which belongs to the cache kmalloc-128 of size 128
[ 11.440182] The buggy address is located 0 bytes inside of
[ 11.440182] freed 128-byte region [ffff888102f60900, ffff888102f60980)
[ 11.440774]
[ 11.441057] The buggy address belongs to the physical page:
[ 11.441274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 11.441681] flags: 0x200000000000000(node=0|zone=2)
[ 11.441985] page_type: f5(slab)
[ 11.442136] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.442453] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.442769] page dumped because: kasan: bad access detected
[ 11.442952]
[ 11.443021] Memory state around the buggy address:
[ 11.443308] ffff888102f60800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.443864] ffff888102f60880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.444216] >ffff888102f60900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.444507] ^
[ 11.444713] ffff888102f60980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.445029] ffff888102f60a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.445286] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.314093] ==================================================================
[ 11.315473] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.316641] Read of size 1 at addr ffff8881029f9273 by task kunit_try_catch/213
[ 11.317935]
[ 11.318317] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.318371] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.318383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.318404] Call Trace:
[ 11.318421] <TASK>
[ 11.318441] dump_stack_lvl+0x73/0xb0
[ 11.318472] print_report+0xd1/0x650
[ 11.318497] ? __virt_addr_valid+0x1db/0x2d0
[ 11.318521] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.318540] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.318563] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.318583] kasan_report+0x141/0x180
[ 11.318605] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.318759] __asan_report_load1_noabort+0x18/0x20
[ 11.318781] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.318846] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.318867] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.318898] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.318932] kunit_try_run_case+0x1a5/0x480
[ 11.318960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.318981] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.319005] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.319028] ? __kthread_parkme+0x82/0x180
[ 11.319050] ? preempt_count_sub+0x50/0x80
[ 11.319076] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.319100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.319122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.319144] kthread+0x337/0x6f0
[ 11.319160] ? trace_preempt_on+0x20/0xc0
[ 11.319184] ? __pfx_kthread+0x10/0x10
[ 11.319201] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.319222] ? calculate_sigpending+0x7b/0xa0
[ 11.319243] ? __pfx_kthread+0x10/0x10
[ 11.319260] ret_from_fork+0x41/0x80
[ 11.319282] ? __pfx_kthread+0x10/0x10
[ 11.319300] ret_from_fork_asm+0x1a/0x30
[ 11.319332] </TASK>
[ 11.319343]
[ 11.334841] Allocated by task 213:
[ 11.335140] kasan_save_stack+0x45/0x70
[ 11.335300] kasan_save_track+0x18/0x40
[ 11.335432] kasan_save_alloc_info+0x3b/0x50
[ 11.335582] __kasan_kmalloc+0xb7/0xc0
[ 11.336136] __kmalloc_cache_noprof+0x189/0x420
[ 11.336611] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.337144] kunit_try_run_case+0x1a5/0x480
[ 11.337567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.338176] kthread+0x337/0x6f0
[ 11.338726] ret_from_fork+0x41/0x80
[ 11.338997] ret_from_fork_asm+0x1a/0x30
[ 11.339469]
[ 11.339554] The buggy address belongs to the object at ffff8881029f9200
[ 11.339554] which belongs to the cache kmalloc-128 of size 128
[ 11.340373] The buggy address is located 0 bytes to the right of
[ 11.340373] allocated 115-byte region [ffff8881029f9200, ffff8881029f9273)
[ 11.341291]
[ 11.341575] The buggy address belongs to the physical page:
[ 11.342370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 11.342981] flags: 0x200000000000000(node=0|zone=2)
[ 11.343156] page_type: f5(slab)
[ 11.343284] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.343516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.344207] page dumped because: kasan: bad access detected
[ 11.344860]
[ 11.345061] Memory state around the buggy address:
[ 11.345496] ffff8881029f9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.346455] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.347358] >ffff8881029f9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.348078] ^
[ 11.348425] ffff8881029f9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.349214] ffff8881029f9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.349727] ==================================================================

[ 11.378083] ==================================================================
[ 11.378406] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.378880] Read of size 1 at addr ffff8881029f927f by task kunit_try_catch/213
[ 11.379238]
[ 11.379351] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.379398] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.379420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.379441] Call Trace:
[ 11.379455] <TASK>
[ 11.379473] dump_stack_lvl+0x73/0xb0
[ 11.379511] print_report+0xd1/0x650
[ 11.379534] ? __virt_addr_valid+0x1db/0x2d0
[ 11.379556] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.379575] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.379597] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.379617] kasan_report+0x141/0x180
[ 11.379639] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.379662] __asan_report_load1_noabort+0x18/0x20
[ 11.379692] ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.379712] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.379730] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.379770] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.379794] kunit_try_run_case+0x1a5/0x480
[ 11.379819] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.379842] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.379866] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.379889] ? __kthread_parkme+0x82/0x180
[ 11.379911] ? preempt_count_sub+0x50/0x80
[ 11.379948] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.379971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.379994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.380016] kthread+0x337/0x6f0
[ 11.380032] ? trace_preempt_on+0x20/0xc0
[ 11.380055] ? __pfx_kthread+0x10/0x10
[ 11.380073] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.380093] ? calculate_sigpending+0x7b/0xa0
[ 11.380115] ? __pfx_kthread+0x10/0x10
[ 11.380133] ret_from_fork+0x41/0x80
[ 11.380155] ? __pfx_kthread+0x10/0x10
[ 11.380173] ret_from_fork_asm+0x1a/0x30
[ 11.380203] </TASK>
[ 11.380215]
[ 11.387232] Allocated by task 213:
[ 11.387418] kasan_save_stack+0x45/0x70
[ 11.387621] kasan_save_track+0x18/0x40
[ 11.387828] kasan_save_alloc_info+0x3b/0x50
[ 11.388041] __kasan_kmalloc+0xb7/0xc0
[ 11.388218] __kmalloc_cache_noprof+0x189/0x420
[ 11.388456] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.388606] kunit_try_run_case+0x1a5/0x480
[ 11.388758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.389035] kthread+0x337/0x6f0
[ 11.389201] ret_from_fork+0x41/0x80
[ 11.389428] ret_from_fork_asm+0x1a/0x30
[ 11.389604]
[ 11.389700] The buggy address belongs to the object at ffff8881029f9200
[ 11.389700] which belongs to the cache kmalloc-128 of size 128
[ 11.390205] The buggy address is located 12 bytes to the right of
[ 11.390205] allocated 115-byte region [ffff8881029f9200, ffff8881029f9273)
[ 11.390775]
[ 11.390880] The buggy address belongs to the physical page:
[ 11.391099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 11.391452] flags: 0x200000000000000(node=0|zone=2)
[ 11.391779] page_type: f5(slab)
[ 11.391935] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.392287] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.392570] page dumped because: kasan: bad access detected
[ 11.392905]
[ 11.392982] Memory state around the buggy address:
[ 11.393136] ffff8881029f9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.393350] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.393564] >ffff8881029f9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.393925] ^
[ 11.394239] ffff8881029f9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.394552] ffff8881029f9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.394864] ==================================================================

[ 11.350907] ==================================================================
[ 11.351175] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.351419] Read of size 1 at addr ffff8881029f9278 by task kunit_try_catch/213
[ 11.352032]
[ 11.352382] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.352433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.352445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.352466] Call Trace:
[ 11.352479] <TASK>
[ 11.352497] dump_stack_lvl+0x73/0xb0
[ 11.352594] print_report+0xd1/0x650
[ 11.352619] ? __virt_addr_valid+0x1db/0x2d0
[ 11.352640] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.352659] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.352681] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.352700] kasan_report+0x141/0x180
[ 11.352722] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.352746] __asan_report_load1_noabort+0x18/0x20
[ 11.352775] ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.352795] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.352814] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.352856] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.352880] kunit_try_run_case+0x1a5/0x480
[ 11.352905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.352938] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.352961] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.352984] ? __kthread_parkme+0x82/0x180
[ 11.353006] ? preempt_count_sub+0x50/0x80
[ 11.353033] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.353058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.353081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.353104] kthread+0x337/0x6f0
[ 11.353120] ? trace_preempt_on+0x20/0xc0
[ 11.353144] ? __pfx_kthread+0x10/0x10
[ 11.353161] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.353182] ? calculate_sigpending+0x7b/0xa0
[ 11.353203] ? __pfx_kthread+0x10/0x10
[ 11.353221] ret_from_fork+0x41/0x80
[ 11.353242] ? __pfx_kthread+0x10/0x10
[ 11.353260] ret_from_fork_asm+0x1a/0x30
[ 11.353289] </TASK>
[ 11.353301]
[ 11.365887] Allocated by task 213:
[ 11.366189] kasan_save_stack+0x45/0x70
[ 11.366536] kasan_save_track+0x18/0x40
[ 11.366901] kasan_save_alloc_info+0x3b/0x50
[ 11.367062] __kasan_kmalloc+0xb7/0xc0
[ 11.367197] __kmalloc_cache_noprof+0x189/0x420
[ 11.367351] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.367499] kunit_try_run_case+0x1a5/0x480
[ 11.367832] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.368313] kthread+0x337/0x6f0
[ 11.368657] ret_from_fork+0x41/0x80
[ 11.369003] ret_from_fork_asm+0x1a/0x30
[ 11.369379]
[ 11.369567] The buggy address belongs to the object at ffff8881029f9200
[ 11.369567] which belongs to the cache kmalloc-128 of size 128
[ 11.370829] The buggy address is located 5 bytes to the right of
[ 11.370829] allocated 115-byte region [ffff8881029f9200, ffff8881029f9273)
[ 11.371838]
[ 11.371912] The buggy address belongs to the physical page:
[ 11.372094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 11.372342] flags: 0x200000000000000(node=0|zone=2)
[ 11.372507] page_type: f5(slab)
[ 11.372722] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.373393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.373815] page dumped because: kasan: bad access detected
[ 11.374303]
[ 11.374431] Memory state around the buggy address:
[ 11.374787] ffff8881029f9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.375168] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.375385] >ffff8881029f9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.375627] ^
[ 11.376123] ffff8881029f9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.376347] ffff8881029f9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.376560] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.289141] ==================================================================
[ 11.289512] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.289869] Free of addr ffff8881025a7fc0 by task kunit_try_catch/211
[ 11.290083]
[ 11.290203] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.290250] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.290261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.290283] Call Trace:
[ 11.290303] <TASK>
[ 11.290321] dump_stack_lvl+0x73/0xb0
[ 11.290346] print_report+0xd1/0x650
[ 11.290369] ? __virt_addr_valid+0x1db/0x2d0
[ 11.290391] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.290412] ? kfree_sensitive+0x2e/0x90
[ 11.290434] kasan_report_invalid_free+0x10a/0x130
[ 11.290458] ? kfree_sensitive+0x2e/0x90
[ 11.290479] ? kfree_sensitive+0x2e/0x90
[ 11.290499] check_slab_allocation+0x101/0x130
[ 11.290520] __kasan_slab_pre_free+0x28/0x40
[ 11.290540] kfree+0xf0/0x3f0
[ 11.290559] ? kfree_sensitive+0x2e/0x90
[ 11.290581] kfree_sensitive+0x2e/0x90
[ 11.290601] kmalloc_double_kzfree+0x19c/0x350
[ 11.290620] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.290639] ? __schedule+0x10cc/0x2b60
[ 11.290662] ? __pfx_read_tsc+0x10/0x10
[ 11.290681] ? ktime_get_ts64+0x86/0x230
[ 11.290706] kunit_try_run_case+0x1a5/0x480
[ 11.290731] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.290752] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.290776] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.290799] ? __kthread_parkme+0x82/0x180
[ 11.290820] ? preempt_count_sub+0x50/0x80
[ 11.290846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.290870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.290892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.290914] kthread+0x337/0x6f0
[ 11.290941] ? trace_preempt_on+0x20/0xc0
[ 11.290964] ? __pfx_kthread+0x10/0x10
[ 11.290981] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.291002] ? calculate_sigpending+0x7b/0xa0
[ 11.291023] ? __pfx_kthread+0x10/0x10
[ 11.291041] ret_from_fork+0x41/0x80
[ 11.291062] ? __pfx_kthread+0x10/0x10
[ 11.291079] ret_from_fork_asm+0x1a/0x30
[ 11.291108] </TASK>
[ 11.291119]
[ 11.298501] Allocated by task 211:
[ 11.298809] kasan_save_stack+0x45/0x70
[ 11.299047] kasan_save_track+0x18/0x40
[ 11.299235] kasan_save_alloc_info+0x3b/0x50
[ 11.299437] __kasan_kmalloc+0xb7/0xc0
[ 11.299720] __kmalloc_cache_noprof+0x189/0x420
[ 11.300038] kmalloc_double_kzfree+0xa9/0x350
[ 11.300237] kunit_try_run_case+0x1a5/0x480
[ 11.300478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.300785] kthread+0x337/0x6f0
[ 11.300954] ret_from_fork+0x41/0x80
[ 11.301142] ret_from_fork_asm+0x1a/0x30
[ 11.301309]
[ 11.301403] Freed by task 211:
[ 11.301541] kasan_save_stack+0x45/0x70
[ 11.301716] kasan_save_track+0x18/0x40
[ 11.302024] kasan_save_free_info+0x3f/0x60
[ 11.302202] __kasan_slab_free+0x56/0x70
[ 11.302369] kfree+0x222/0x3f0
[ 11.302483] kfree_sensitive+0x67/0x90
[ 11.302647] kmalloc_double_kzfree+0x12b/0x350
[ 11.302877] kunit_try_run_case+0x1a5/0x480
[ 11.303153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.303398] kthread+0x337/0x6f0
[ 11.303544] ret_from_fork+0x41/0x80
[ 11.303714] ret_from_fork_asm+0x1a/0x30
[ 11.303889]
[ 11.303967] The buggy address belongs to the object at ffff8881025a7fc0
[ 11.303967] which belongs to the cache kmalloc-16 of size 16
[ 11.304429] The buggy address is located 0 bytes inside of
[ 11.304429] 16-byte region [ffff8881025a7fc0, ffff8881025a7fd0)
[ 11.304865]
[ 11.304964] The buggy address belongs to the physical page:
[ 11.305233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7
[ 11.305471] flags: 0x200000000000000(node=0|zone=2)
[ 11.305634] page_type: f5(slab)
[ 11.305882] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.306230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.306571] page dumped because: kasan: bad access detected
[ 11.306783]
[ 11.306851] Memory state around the buggy address:
[ 11.307017] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc
[ 11.307229] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.307442] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.307652] ^
[ 11.307816] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.308264] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.308693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.262575] ================================================================== [ 11.263221] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.263475] Read of size 1 at addr ffff8881025a7fc0 by task kunit_try_catch/211 [ 11.264359] [ 11.264716] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.264769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.264781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.264802] Call Trace: [ 11.264816] <TASK> [ 11.264835] dump_stack_lvl+0x73/0xb0 [ 11.264864] print_report+0xd1/0x650 [ 11.264887] ? __virt_addr_valid+0x1db/0x2d0 [ 11.264909] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.264940] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.264963] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.264982] kasan_report+0x141/0x180 [ 11.265004] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.265025] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.265044] __kasan_check_byte+0x3d/0x50 [ 11.265065] kfree_sensitive+0x22/0x90 [ 11.265088] kmalloc_double_kzfree+0x19c/0x350 [ 11.265106] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.265126] ? __schedule+0x10cc/0x2b60 [ 11.265149] ? __pfx_read_tsc+0x10/0x10 [ 11.265168] ? ktime_get_ts64+0x86/0x230 [ 11.265194] kunit_try_run_case+0x1a5/0x480 [ 11.265219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.265265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.265287] ? __kthread_parkme+0x82/0x180 [ 11.265309] ? preempt_count_sub+0x50/0x80 [ 11.265334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.265381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.265403] kthread+0x337/0x6f0 [ 11.265419] ? trace_preempt_on+0x20/0xc0 [ 11.265442] ? __pfx_kthread+0x10/0x10 [ 11.265459] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.265479] ? calculate_sigpending+0x7b/0xa0 [ 11.265500] ? 
__pfx_kthread+0x10/0x10 [ 11.265518] ret_from_fork+0x41/0x80 [ 11.265538] ? __pfx_kthread+0x10/0x10 [ 11.265556] ret_from_fork_asm+0x1a/0x30 [ 11.265587] </TASK> [ 11.265597] [ 11.276746] Allocated by task 211: [ 11.277093] kasan_save_stack+0x45/0x70 [ 11.277451] kasan_save_track+0x18/0x40 [ 11.277823] kasan_save_alloc_info+0x3b/0x50 [ 11.278260] __kasan_kmalloc+0xb7/0xc0 [ 11.278536] __kmalloc_cache_noprof+0x189/0x420 [ 11.279030] kmalloc_double_kzfree+0xa9/0x350 [ 11.279515] kunit_try_run_case+0x1a5/0x480 [ 11.279858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.280046] kthread+0x337/0x6f0 [ 11.280185] ret_from_fork+0x41/0x80 [ 11.280324] ret_from_fork_asm+0x1a/0x30 [ 11.280463] [ 11.280532] Freed by task 211: [ 11.280643] kasan_save_stack+0x45/0x70 [ 11.280820] kasan_save_track+0x18/0x40 [ 11.280969] kasan_save_free_info+0x3f/0x60 [ 11.281171] __kasan_slab_free+0x56/0x70 [ 11.281432] kfree+0x222/0x3f0 [ 11.281547] kfree_sensitive+0x67/0x90 [ 11.281740] kmalloc_double_kzfree+0x12b/0x350 [ 11.282036] kunit_try_run_case+0x1a5/0x480 [ 11.282226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.282439] kthread+0x337/0x6f0 [ 11.282556] ret_from_fork+0x41/0x80 [ 11.282697] ret_from_fork_asm+0x1a/0x30 [ 11.282887] [ 11.283046] The buggy address belongs to the object at ffff8881025a7fc0 [ 11.283046] which belongs to the cache kmalloc-16 of size 16 [ 11.283504] The buggy address is located 0 bytes inside of [ 11.283504] freed 16-byte region [ffff8881025a7fc0, ffff8881025a7fd0) [ 11.284277] [ 11.284417] The buggy address belongs to the physical page: [ 11.284667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 11.285095] flags: 0x200000000000000(node=0|zone=2) [ 11.285318] page_type: f5(slab) [ 11.285447] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.285787] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.286203] page dumped because: kasan: bad access detected [ 11.286424] [ 
11.286490] Memory state around the buggy address: [ 11.286643] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 11.286928] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.287239] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.287546] ^ [ 11.287752] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.287974] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.288244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.224402] ================================================================== [ 11.225597] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.226477] Read of size 1 at addr ffff888102f66e28 by task kunit_try_catch/207 [ 11.227226] [ 11.227502] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.227571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.227584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.227606] Call Trace: [ 11.227620] <TASK> [ 11.227639] dump_stack_lvl+0x73/0xb0 [ 11.227667] print_report+0xd1/0x650 [ 11.227691] ? __virt_addr_valid+0x1db/0x2d0 [ 11.227745] ? kmalloc_uaf2+0x4a8/0x520 [ 11.227775] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.227798] ? kmalloc_uaf2+0x4a8/0x520 [ 11.227818] kasan_report+0x141/0x180 [ 11.227852] ? kmalloc_uaf2+0x4a8/0x520 [ 11.227877] __asan_report_load1_noabort+0x18/0x20 [ 11.227897] kmalloc_uaf2+0x4a8/0x520 [ 11.227928] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.227947] ? finish_task_switch.isra.0+0x153/0x700 [ 11.227971] ? __switch_to+0x5d9/0xf60 [ 11.227994] ? dequeue_task_fair+0x166/0x4e0 [ 11.228022] ? __schedule+0x10cc/0x2b60 [ 11.228045] ? __pfx_read_tsc+0x10/0x10 [ 11.228066] ? ktime_get_ts64+0x86/0x230 [ 11.228092] kunit_try_run_case+0x1a5/0x480 [ 11.228117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.228138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.228162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.228184] ? __kthread_parkme+0x82/0x180 [ 11.228206] ? preempt_count_sub+0x50/0x80 [ 11.228231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.228259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.228283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.228305] kthread+0x337/0x6f0 [ 11.228322] ? trace_preempt_on+0x20/0xc0 [ 11.228345] ? __pfx_kthread+0x10/0x10 [ 11.228362] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.228384] ? calculate_sigpending+0x7b/0xa0 [ 11.228405] ? 
__pfx_kthread+0x10/0x10 [ 11.228422] ret_from_fork+0x41/0x80 [ 11.228443] ? __pfx_kthread+0x10/0x10 [ 11.228460] ret_from_fork_asm+0x1a/0x30 [ 11.228490] </TASK> [ 11.228502] [ 11.242128] Allocated by task 207: [ 11.242613] kasan_save_stack+0x45/0x70 [ 11.243296] kasan_save_track+0x18/0x40 [ 11.243738] kasan_save_alloc_info+0x3b/0x50 [ 11.244139] __kasan_kmalloc+0xb7/0xc0 [ 11.244611] __kmalloc_cache_noprof+0x189/0x420 [ 11.245192] kmalloc_uaf2+0xc6/0x520 [ 11.245676] kunit_try_run_case+0x1a5/0x480 [ 11.246050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.246227] kthread+0x337/0x6f0 [ 11.246342] ret_from_fork+0x41/0x80 [ 11.246468] ret_from_fork_asm+0x1a/0x30 [ 11.246632] [ 11.246726] Freed by task 207: [ 11.246911] kasan_save_stack+0x45/0x70 [ 11.247161] kasan_save_track+0x18/0x40 [ 11.247350] kasan_save_free_info+0x3f/0x60 [ 11.247536] __kasan_slab_free+0x56/0x70 [ 11.247753] kfree+0x222/0x3f0 [ 11.248160] kmalloc_uaf2+0x14c/0x520 [ 11.248465] kunit_try_run_case+0x1a5/0x480 [ 11.248706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.249060] kthread+0x337/0x6f0 [ 11.249317] ret_from_fork+0x41/0x80 [ 11.249641] ret_from_fork_asm+0x1a/0x30 [ 11.249993] [ 11.250084] The buggy address belongs to the object at ffff888102f66e00 [ 11.250084] which belongs to the cache kmalloc-64 of size 64 [ 11.250535] The buggy address is located 40 bytes inside of [ 11.250535] freed 64-byte region [ffff888102f66e00, ffff888102f66e40) [ 11.251327] [ 11.251475] The buggy address belongs to the physical page: [ 11.251746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f66 [ 11.252168] flags: 0x200000000000000(node=0|zone=2) [ 11.252338] page_type: f5(slab) [ 11.252570] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.253038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.253441] page dumped because: kasan: bad access detected [ 11.254051] [ 11.254154] Memory state around the buggy address: [ 
11.254386] ffff888102f66d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.254833] ffff888102f66d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.255301] >ffff888102f66e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.255647] ^ [ 11.256066] ffff888102f66e80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 11.256392] ffff888102f66f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.256735] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.198606] ================================================================== [ 11.199178] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.199448] Write of size 33 at addr ffff8881029fb280 by task kunit_try_catch/205 [ 11.199862] [ 11.200297] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.200409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.200423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.200447] Call Trace: [ 11.200462] <TASK> [ 11.200481] dump_stack_lvl+0x73/0xb0 [ 11.200512] print_report+0xd1/0x650 [ 11.200536] ? __virt_addr_valid+0x1db/0x2d0 [ 11.200559] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.200580] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.200675] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.200697] kasan_report+0x141/0x180 [ 11.200734] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.200762] kasan_check_range+0x10c/0x1c0 [ 11.200782] __asan_memset+0x27/0x50 [ 11.200802] kmalloc_uaf_memset+0x1a3/0x360 [ 11.200823] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.200845] ? __schedule+0x10cc/0x2b60 [ 11.200869] ? __pfx_read_tsc+0x10/0x10 [ 11.200889] ? ktime_get_ts64+0x86/0x230 [ 11.200929] kunit_try_run_case+0x1a5/0x480 [ 11.200955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.200977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.201001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.201023] ? __kthread_parkme+0x82/0x180 [ 11.201046] ? preempt_count_sub+0x50/0x80 [ 11.201071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.201094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.201116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.201138] kthread+0x337/0x6f0 [ 11.201155] ? trace_preempt_on+0x20/0xc0 [ 11.201179] ? __pfx_kthread+0x10/0x10 [ 11.201196] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.201217] ? calculate_sigpending+0x7b/0xa0 [ 11.201238] ? __pfx_kthread+0x10/0x10 [ 11.201256] ret_from_fork+0x41/0x80 [ 11.201276] ? 
__pfx_kthread+0x10/0x10 [ 11.201294] ret_from_fork_asm+0x1a/0x30 [ 11.201325] </TASK> [ 11.201337] [ 11.208766] Allocated by task 205: [ 11.208965] kasan_save_stack+0x45/0x70 [ 11.209184] kasan_save_track+0x18/0x40 [ 11.209318] kasan_save_alloc_info+0x3b/0x50 [ 11.209462] __kasan_kmalloc+0xb7/0xc0 [ 11.209593] __kmalloc_cache_noprof+0x189/0x420 [ 11.209744] kmalloc_uaf_memset+0xa9/0x360 [ 11.210136] kunit_try_run_case+0x1a5/0x480 [ 11.210496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.210882] kthread+0x337/0x6f0 [ 11.211052] ret_from_fork+0x41/0x80 [ 11.211272] ret_from_fork_asm+0x1a/0x30 [ 11.211449] [ 11.211530] Freed by task 205: [ 11.211742] kasan_save_stack+0x45/0x70 [ 11.212038] kasan_save_track+0x18/0x40 [ 11.212213] kasan_save_free_info+0x3f/0x60 [ 11.212369] __kasan_slab_free+0x56/0x70 [ 11.212555] kfree+0x222/0x3f0 [ 11.212681] kmalloc_uaf_memset+0x12b/0x360 [ 11.212941] kunit_try_run_case+0x1a5/0x480 [ 11.213104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.213322] kthread+0x337/0x6f0 [ 11.213441] ret_from_fork+0x41/0x80 [ 11.213673] ret_from_fork_asm+0x1a/0x30 [ 11.213989] [ 11.214083] The buggy address belongs to the object at ffff8881029fb280 [ 11.214083] which belongs to the cache kmalloc-64 of size 64 [ 11.214535] The buggy address is located 0 bytes inside of [ 11.214535] freed 64-byte region [ffff8881029fb280, ffff8881029fb2c0) [ 11.215378] [ 11.215475] The buggy address belongs to the physical page: [ 11.215687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fb [ 11.215941] flags: 0x200000000000000(node=0|zone=2) [ 11.216109] page_type: f5(slab) [ 11.216235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.216471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.216786] page dumped because: kasan: bad access detected [ 11.217218] [ 11.217309] Memory state around the buggy address: [ 11.217531] ffff8881029fb180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 11.217955] ffff8881029fb200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.218168] >ffff8881029fb280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.218378] ^ [ 11.218489] ffff8881029fb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.218698] ffff8881029fb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.218908] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.159637] ================================================================== [ 11.160825] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.161078] Read of size 1 at addr ffff8881025a7fa8 by task kunit_try_catch/203 [ 11.161304] [ 11.161398] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.161446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.161457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.161478] Call Trace: [ 11.161492] <TASK> [ 11.161510] dump_stack_lvl+0x73/0xb0 [ 11.161536] print_report+0xd1/0x650 [ 11.161559] ? __virt_addr_valid+0x1db/0x2d0 [ 11.161581] ? kmalloc_uaf+0x320/0x380 [ 11.161600] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.161624] ? kmalloc_uaf+0x320/0x380 [ 11.161644] kasan_report+0x141/0x180 [ 11.161666] ? kmalloc_uaf+0x320/0x380 [ 11.161691] __asan_report_load1_noabort+0x18/0x20 [ 11.161711] kmalloc_uaf+0x320/0x380 [ 11.161730] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.161753] ? __schedule+0x10cc/0x2b60 [ 11.161777] ? __pfx_read_tsc+0x10/0x10 [ 11.161798] ? ktime_get_ts64+0x86/0x230 [ 11.161824] kunit_try_run_case+0x1a5/0x480 [ 11.161850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.161871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.161895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.161959] ? __kthread_parkme+0x82/0x180 [ 11.161982] ? preempt_count_sub+0x50/0x80 [ 11.162009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.162034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.162057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.162079] kthread+0x337/0x6f0 [ 11.162096] ? trace_preempt_on+0x20/0xc0 [ 11.162120] ? __pfx_kthread+0x10/0x10 [ 11.162138] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.162159] ? calculate_sigpending+0x7b/0xa0 [ 11.162180] ? __pfx_kthread+0x10/0x10 [ 11.162199] ret_from_fork+0x41/0x80 [ 11.162221] ? 
__pfx_kthread+0x10/0x10 [ 11.162238] ret_from_fork_asm+0x1a/0x30 [ 11.162282] </TASK> [ 11.162294] [ 11.173463] Allocated by task 203: [ 11.173845] kasan_save_stack+0x45/0x70 [ 11.174211] kasan_save_track+0x18/0x40 [ 11.174544] kasan_save_alloc_info+0x3b/0x50 [ 11.175079] __kasan_kmalloc+0xb7/0xc0 [ 11.175627] __kmalloc_cache_noprof+0x189/0x420 [ 11.176076] kmalloc_uaf+0xaa/0x380 [ 11.176499] kunit_try_run_case+0x1a5/0x480 [ 11.177068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.177717] kthread+0x337/0x6f0 [ 11.178075] ret_from_fork+0x41/0x80 [ 11.178422] ret_from_fork_asm+0x1a/0x30 [ 11.178833] [ 11.179020] Freed by task 203: [ 11.179385] kasan_save_stack+0x45/0x70 [ 11.179831] kasan_save_track+0x18/0x40 [ 11.180320] kasan_save_free_info+0x3f/0x60 [ 11.180877] __kasan_slab_free+0x56/0x70 [ 11.181266] kfree+0x222/0x3f0 [ 11.181574] kmalloc_uaf+0x12c/0x380 [ 11.182053] kunit_try_run_case+0x1a5/0x480 [ 11.182489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.183141] kthread+0x337/0x6f0 [ 11.183472] ret_from_fork+0x41/0x80 [ 11.183904] ret_from_fork_asm+0x1a/0x30 [ 11.184348] [ 11.184582] The buggy address belongs to the object at ffff8881025a7fa0 [ 11.184582] which belongs to the cache kmalloc-16 of size 16 [ 11.185805] The buggy address is located 8 bytes inside of [ 11.185805] freed 16-byte region [ffff8881025a7fa0, ffff8881025a7fb0) [ 11.187053] [ 11.187213] The buggy address belongs to the physical page: [ 11.187744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 11.188268] flags: 0x200000000000000(node=0|zone=2) [ 11.188434] page_type: f5(slab) [ 11.188580] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.189374] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.190079] page dumped because: kasan: bad access detected [ 11.190561] [ 11.190798] Memory state around the buggy address: [ 11.191239] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 
11.191448] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.191976] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.192617] ^ [ 11.193058] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.193757] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.194273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.125956] ================================================================== [ 11.127437] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.128493] Read of size 64 at addr ffff8881029fb004 by task kunit_try_catch/201 [ 11.129644] [ 11.129841] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.129895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.129908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.129943] Call Trace: [ 11.129958] <TASK> [ 11.129980] dump_stack_lvl+0x73/0xb0 [ 11.130014] print_report+0xd1/0x650 [ 11.130039] ? __virt_addr_valid+0x1db/0x2d0 [ 11.130063] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.130084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.130113] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.130134] kasan_report+0x141/0x180 [ 11.130156] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.130351] kasan_check_range+0x10c/0x1c0 [ 11.130380] __asan_memmove+0x27/0x70 [ 11.130401] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.130422] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.130443] ? __schedule+0x10cc/0x2b60 [ 11.130468] ? __pfx_read_tsc+0x10/0x10 [ 11.130489] ? ktime_get_ts64+0x86/0x230 [ 11.130516] kunit_try_run_case+0x1a5/0x480 [ 11.130543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.130564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.130589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.130611] ? __kthread_parkme+0x82/0x180 [ 11.130634] ? preempt_count_sub+0x50/0x80 [ 11.130660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.130685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.130708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.130730] kthread+0x337/0x6f0 [ 11.130747] ? trace_preempt_on+0x20/0xc0 [ 11.130771] ? __pfx_kthread+0x10/0x10 [ 11.130789] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.130810] ? calculate_sigpending+0x7b/0xa0 [ 11.130832] ? 
__pfx_kthread+0x10/0x10 [ 11.130849] ret_from_fork+0x41/0x80 [ 11.130870] ? __pfx_kthread+0x10/0x10 [ 11.130887] ret_from_fork_asm+0x1a/0x30 [ 11.130929] </TASK> [ 11.130942] [ 11.142744] Allocated by task 201: [ 11.143077] kasan_save_stack+0x45/0x70 [ 11.143458] kasan_save_track+0x18/0x40 [ 11.143824] kasan_save_alloc_info+0x3b/0x50 [ 11.144042] __kasan_kmalloc+0xb7/0xc0 [ 11.144221] __kmalloc_cache_noprof+0x189/0x420 [ 11.144439] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.145056] kunit_try_run_case+0x1a5/0x480 [ 11.145374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.145963] kthread+0x337/0x6f0 [ 11.146153] ret_from_fork+0x41/0x80 [ 11.146322] ret_from_fork_asm+0x1a/0x30 [ 11.146497] [ 11.146869] The buggy address belongs to the object at ffff8881029fb000 [ 11.146869] which belongs to the cache kmalloc-64 of size 64 [ 11.147602] The buggy address is located 4 bytes inside of [ 11.147602] allocated 64-byte region [ffff8881029fb000, ffff8881029fb040) [ 11.148188] [ 11.148291] The buggy address belongs to the physical page: [ 11.148525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fb [ 11.149316] flags: 0x200000000000000(node=0|zone=2) [ 11.149851] page_type: f5(slab) [ 11.150161] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.150706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.151323] page dumped because: kasan: bad access detected [ 11.151568] [ 11.151656] Memory state around the buggy address: [ 11.152261] ffff8881029faf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.152570] ffff8881029faf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.152911] >ffff8881029fb000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.153194] ^ [ 11.153419] ffff8881029fb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.154259] ffff8881029fb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.154683] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.084484] ================================================================== [ 11.086187] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.087494] Read of size 18446744073709551614 at addr ffff888102f66b84 by task kunit_try_catch/199 [ 11.089060] [ 11.089312] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.089368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.089380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.089403] Call Trace: [ 11.089420] <TASK> [ 11.089443] dump_stack_lvl+0x73/0xb0 [ 11.089476] print_report+0xd1/0x650 [ 11.089500] ? __virt_addr_valid+0x1db/0x2d0 [ 11.089524] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.089545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.089576] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.089620] kasan_report+0x141/0x180 [ 11.089645] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.089670] kasan_check_range+0x10c/0x1c0 [ 11.089690] __asan_memmove+0x27/0x70 [ 11.089710] kmalloc_memmove_negative_size+0x171/0x330 [ 11.089730] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.089751] ? __schedule+0x10cc/0x2b60 [ 11.089775] ? __pfx_read_tsc+0x10/0x10 [ 11.089795] ? ktime_get_ts64+0x86/0x230 [ 11.089823] kunit_try_run_case+0x1a5/0x480 [ 11.089850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.089871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.089895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.089929] ? __kthread_parkme+0x82/0x180 [ 11.089953] ? preempt_count_sub+0x50/0x80 [ 11.089979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.090003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.090026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.090049] kthread+0x337/0x6f0 [ 11.090065] ? trace_preempt_on+0x20/0xc0 [ 11.090128] ? __pfx_kthread+0x10/0x10 [ 11.090147] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.090168] ? calculate_sigpending+0x7b/0xa0 [ 11.090202] ? 
__pfx_kthread+0x10/0x10 [ 11.090220] ret_from_fork+0x41/0x80 [ 11.090241] ? __pfx_kthread+0x10/0x10 [ 11.090259] ret_from_fork_asm+0x1a/0x30 [ 11.090291] </TASK> [ 11.090303] [ 11.105383] Allocated by task 199: [ 11.105547] kasan_save_stack+0x45/0x70 [ 11.105946] kasan_save_track+0x18/0x40 [ 11.106304] kasan_save_alloc_info+0x3b/0x50 [ 11.106839] __kasan_kmalloc+0xb7/0xc0 [ 11.107219] __kmalloc_cache_noprof+0x189/0x420 [ 11.107652] kmalloc_memmove_negative_size+0xac/0x330 [ 11.108156] kunit_try_run_case+0x1a5/0x480 [ 11.108574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.109123] kthread+0x337/0x6f0 [ 11.109431] ret_from_fork+0x41/0x80 [ 11.109846] ret_from_fork_asm+0x1a/0x30 [ 11.110210] [ 11.110283] The buggy address belongs to the object at ffff888102f66b80 [ 11.110283] which belongs to the cache kmalloc-64 of size 64 [ 11.110801] The buggy address is located 4 bytes inside of [ 11.110801] 64-byte region [ffff888102f66b80, ffff888102f66bc0) [ 11.112047] [ 11.112255] The buggy address belongs to the physical page: [ 11.112912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f66 [ 11.113404] flags: 0x200000000000000(node=0|zone=2) [ 11.113584] page_type: f5(slab) [ 11.113758] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.114438] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.115348] page dumped because: kasan: bad access detected [ 11.116103] [ 11.116311] Memory state around the buggy address: [ 11.116479] ffff888102f66a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.117203] ffff888102f66b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.118249] >ffff888102f66b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.118724] ^ [ 11.119133] ffff888102f66c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.119744] ffff888102f66c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.120384] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.051529] ================================================================== [ 11.052004] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.052262] Write of size 16 at addr ffff888102f60869 by task kunit_try_catch/197 [ 11.052489] [ 11.052582] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.052634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.052645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.052666] Call Trace: [ 11.052679] <TASK> [ 11.052697] dump_stack_lvl+0x73/0xb0 [ 11.052725] print_report+0xd1/0x650 [ 11.052747] ? __virt_addr_valid+0x1db/0x2d0 [ 11.052769] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.052790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.052813] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.052835] kasan_report+0x141/0x180 [ 11.052857] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.052883] kasan_check_range+0x10c/0x1c0 [ 11.052903] __asan_memset+0x27/0x50 [ 11.052966] kmalloc_oob_memset_16+0x166/0x330 [ 11.052992] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.053015] ? __schedule+0x10cc/0x2b60 [ 11.053038] ? __pfx_read_tsc+0x10/0x10 [ 11.053058] ? ktime_get_ts64+0x86/0x230 [ 11.053084] kunit_try_run_case+0x1a5/0x480 [ 11.053110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.053132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.053156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.053178] ? __kthread_parkme+0x82/0x180 [ 11.053200] ? preempt_count_sub+0x50/0x80 [ 11.053225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.053309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.053333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.053355] kthread+0x337/0x6f0 [ 11.053384] ? trace_preempt_on+0x20/0xc0 [ 11.053407] ? __pfx_kthread+0x10/0x10 [ 11.053425] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.053446] ? calculate_sigpending+0x7b/0xa0 [ 11.053467] ? __pfx_kthread+0x10/0x10 [ 11.053485] ret_from_fork+0x41/0x80 [ 11.053506] ? 
__pfx_kthread+0x10/0x10 [ 11.053523] ret_from_fork_asm+0x1a/0x30 [ 11.053571] </TASK> [ 11.053583] [ 11.069270] Allocated by task 197: [ 11.069419] kasan_save_stack+0x45/0x70 [ 11.069579] kasan_save_track+0x18/0x40 [ 11.069710] kasan_save_alloc_info+0x3b/0x50 [ 11.069849] __kasan_kmalloc+0xb7/0xc0 [ 11.070199] __kmalloc_cache_noprof+0x189/0x420 [ 11.070611] kmalloc_oob_memset_16+0xac/0x330 [ 11.070857] kunit_try_run_case+0x1a5/0x480 [ 11.071293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.071812] kthread+0x337/0x6f0 [ 11.072043] ret_from_fork+0x41/0x80 [ 11.072442] ret_from_fork_asm+0x1a/0x30 [ 11.072721] [ 11.072965] The buggy address belongs to the object at ffff888102f60800 [ 11.072965] which belongs to the cache kmalloc-128 of size 128 [ 11.073586] The buggy address is located 105 bytes inside of [ 11.073586] allocated 120-byte region [ffff888102f60800, ffff888102f60878) [ 11.074929] [ 11.075082] The buggy address belongs to the physical page: [ 11.075637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60 [ 11.076223] flags: 0x200000000000000(node=0|zone=2) [ 11.076835] page_type: f5(slab) [ 11.076972] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.077196] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.077412] page dumped because: kasan: bad access detected [ 11.077584] [ 11.077650] Memory state around the buggy address: [ 11.077801] ffff888102f60700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.078021] ffff888102f60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.078229] >ffff888102f60800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.078433] ^ [ 11.078636] ffff888102f60880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.078840] ffff888102f60900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.079335] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.024882] ==================================================================
[ 11.025589] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.025960] Write of size 8 at addr ffff8881029f9171 by task kunit_try_catch/195
[ 11.026349]
[ 11.026556] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.026607] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.026619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.026822] Call Trace:
[ 11.026845] <TASK>
[ 11.026865] dump_stack_lvl+0x73/0xb0
[ 11.026896] print_report+0xd1/0x650
[ 11.026929] ? __virt_addr_valid+0x1db/0x2d0
[ 11.026952] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.026974] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.026995] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.027017] kasan_report+0x141/0x180
[ 11.027039] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.027065] kasan_check_range+0x10c/0x1c0
[ 11.027084] __asan_memset+0x27/0x50
[ 11.027105] kmalloc_oob_memset_8+0x166/0x330
[ 11.027381] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.027412] ? __schedule+0x10cc/0x2b60
[ 11.027435] ? __pfx_read_tsc+0x10/0x10
[ 11.027456] ? ktime_get_ts64+0x86/0x230
[ 11.027482] kunit_try_run_case+0x1a5/0x480
[ 11.027508] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.027530] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.027553] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.027576] ? __kthread_parkme+0x82/0x180
[ 11.027597] ? preempt_count_sub+0x50/0x80
[ 11.027624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.027649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.027671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.027693] kthread+0x337/0x6f0
[ 11.027709] ? trace_preempt_on+0x20/0xc0
[ 11.027732] ? __pfx_kthread+0x10/0x10
[ 11.027749] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.027770] ? calculate_sigpending+0x7b/0xa0
[ 11.027791] ? __pfx_kthread+0x10/0x10
[ 11.027808] ret_from_fork+0x41/0x80
[ 11.027829] ? __pfx_kthread+0x10/0x10
[ 11.027846] ret_from_fork_asm+0x1a/0x30
[ 11.027876] </TASK>
[ 11.027887]
[ 11.037381] Allocated by task 195:
[ 11.037580] kasan_save_stack+0x45/0x70
[ 11.037825] kasan_save_track+0x18/0x40
[ 11.038057] kasan_save_alloc_info+0x3b/0x50
[ 11.038582] __kasan_kmalloc+0xb7/0xc0
[ 11.038865] __kmalloc_cache_noprof+0x189/0x420
[ 11.039204] kmalloc_oob_memset_8+0xac/0x330
[ 11.039377] kunit_try_run_case+0x1a5/0x480
[ 11.039594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.040073] kthread+0x337/0x6f0
[ 11.040243] ret_from_fork+0x41/0x80
[ 11.040585] ret_from_fork_asm+0x1a/0x30
[ 11.040893]
[ 11.041078] The buggy address belongs to the object at ffff8881029f9100
[ 11.041078] which belongs to the cache kmalloc-128 of size 128
[ 11.041730] The buggy address is located 113 bytes inside of
[ 11.041730] allocated 120-byte region [ffff8881029f9100, ffff8881029f9178)
[ 11.042433]
[ 11.042734] The buggy address belongs to the physical page:
[ 11.042989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 11.043347] flags: 0x200000000000000(node=0|zone=2)
[ 11.043569] page_type: f5(slab)
[ 11.043965] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.044327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.044708] page dumped because: kasan: bad access detected
[ 11.044988]
[ 11.045074] Memory state around the buggy address:
[ 11.045240] ffff8881029f9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.045553] ffff8881029f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.046129] >ffff8881029f9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.046521] ^
[ 11.047031] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.047286] ffff8881029f9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.047571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 10.984783] ==================================================================
[ 10.986175] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 10.987678] Write of size 4 at addr ffff888102f60775 by task kunit_try_catch/193
[ 10.988269]
[ 10.989048] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.989107] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.989120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.989142] Call Trace:
[ 10.989156] <TASK>
[ 10.989176] dump_stack_lvl+0x73/0xb0
[ 10.989205] print_report+0xd1/0x650
[ 10.989228] ? __virt_addr_valid+0x1db/0x2d0
[ 10.989252] ? kmalloc_oob_memset_4+0x166/0x330
[ 10.989274] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.989297] ? kmalloc_oob_memset_4+0x166/0x330
[ 10.989319] kasan_report+0x141/0x180
[ 10.989341] ? kmalloc_oob_memset_4+0x166/0x330
[ 10.989368] kasan_check_range+0x10c/0x1c0
[ 10.989387] __asan_memset+0x27/0x50
[ 10.989407] kmalloc_oob_memset_4+0x166/0x330
[ 10.989430] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 10.989452] ? __schedule+0x10cc/0x2b60
[ 10.989475] ? __pfx_read_tsc+0x10/0x10
[ 10.989496] ? ktime_get_ts64+0x86/0x230
[ 10.989521] kunit_try_run_case+0x1a5/0x480
[ 10.989546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.989633] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.989657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.989680] ? __kthread_parkme+0x82/0x180
[ 10.989701] ? preempt_count_sub+0x50/0x80
[ 10.989745] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.989769] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.989792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.989815] kthread+0x337/0x6f0
[ 10.989831] ? trace_preempt_on+0x20/0xc0
[ 10.989855] ? __pfx_kthread+0x10/0x10
[ 10.989872] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.989893] ? calculate_sigpending+0x7b/0xa0
[ 10.989914] ? __pfx_kthread+0x10/0x10
[ 10.989941] ret_from_fork+0x41/0x80
[ 10.989962] ? __pfx_kthread+0x10/0x10
[ 10.989979] ret_from_fork_asm+0x1a/0x30
[ 10.990011] </TASK>
[ 10.990023]
[ 11.006449] Allocated by task 193:
[ 11.006644] kasan_save_stack+0x45/0x70
[ 11.007438] kasan_save_track+0x18/0x40
[ 11.008015] kasan_save_alloc_info+0x3b/0x50
[ 11.008466] __kasan_kmalloc+0xb7/0xc0
[ 11.008618] __kmalloc_cache_noprof+0x189/0x420
[ 11.009317] kmalloc_oob_memset_4+0xac/0x330
[ 11.009851] kunit_try_run_case+0x1a5/0x480
[ 11.010307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.010488] kthread+0x337/0x6f0
[ 11.010740] ret_from_fork+0x41/0x80
[ 11.011152] ret_from_fork_asm+0x1a/0x30
[ 11.011582]
[ 11.011812] The buggy address belongs to the object at ffff888102f60700
[ 11.011812] which belongs to the cache kmalloc-128 of size 128
[ 11.012554] The buggy address is located 117 bytes inside of
[ 11.012554] allocated 120-byte region [ffff888102f60700, ffff888102f60778)
[ 11.013481]
[ 11.013677] The buggy address belongs to the physical page:
[ 11.014322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 11.015099] flags: 0x200000000000000(node=0|zone=2)
[ 11.015265] page_type: f5(slab)
[ 11.015387] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.015629] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.016463] page dumped because: kasan: bad access detected
[ 11.017111]
[ 11.017301] Memory state around the buggy address:
[ 11.017826] ffff888102f60600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.018530] ffff888102f60680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.019380] >ffff888102f60700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.019912] ^
[ 11.020345] ffff888102f60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.020556] ffff888102f60800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.020959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 10.960199] ==================================================================
[ 10.960659] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 10.961088] Write of size 2 at addr ffff888102f60677 by task kunit_try_catch/191
[ 10.961394]
[ 10.961498] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.961546] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.961558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.961580] Call Trace:
[ 10.961593] <TASK>
[ 10.961613] dump_stack_lvl+0x73/0xb0
[ 10.961642] print_report+0xd1/0x650
[ 10.961665] ? __virt_addr_valid+0x1db/0x2d0
[ 10.961689] ? kmalloc_oob_memset_2+0x166/0x330
[ 10.961710] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.961732] ? kmalloc_oob_memset_2+0x166/0x330
[ 10.961754] kasan_report+0x141/0x180
[ 10.961776] ? kmalloc_oob_memset_2+0x166/0x330
[ 10.961802] kasan_check_range+0x10c/0x1c0
[ 10.961822] __asan_memset+0x27/0x50
[ 10.961842] kmalloc_oob_memset_2+0x166/0x330
[ 10.961864] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 10.961888] ? __schedule+0x10cc/0x2b60
[ 10.961911] ? __pfx_read_tsc+0x10/0x10
[ 10.961944] ? ktime_get_ts64+0x86/0x230
[ 10.961971] kunit_try_run_case+0x1a5/0x480
[ 10.961997] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.962018] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.962043] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.962066] ? __kthread_parkme+0x82/0x180
[ 10.962089] ? preempt_count_sub+0x50/0x80
[ 10.962115] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.962138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.962160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.962182] kthread+0x337/0x6f0
[ 10.962198] ? trace_preempt_on+0x20/0xc0
[ 10.962223] ? __pfx_kthread+0x10/0x10
[ 10.962240] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.962261] ? calculate_sigpending+0x7b/0xa0
[ 10.962282] ? __pfx_kthread+0x10/0x10
[ 10.962300] ret_from_fork+0x41/0x80
[ 10.962320] ? __pfx_kthread+0x10/0x10
[ 10.962338] ret_from_fork_asm+0x1a/0x30
[ 10.962369] </TASK>
[ 10.962380]
[ 10.972970] Allocated by task 191:
[ 10.973164] kasan_save_stack+0x45/0x70
[ 10.973373] kasan_save_track+0x18/0x40
[ 10.973577] kasan_save_alloc_info+0x3b/0x50
[ 10.973844] __kasan_kmalloc+0xb7/0xc0
[ 10.974031] __kmalloc_cache_noprof+0x189/0x420
[ 10.974208] kmalloc_oob_memset_2+0xac/0x330
[ 10.974406] kunit_try_run_case+0x1a5/0x480
[ 10.974609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.974895] kthread+0x337/0x6f0
[ 10.975029] ret_from_fork+0x41/0x80
[ 10.975159] ret_from_fork_asm+0x1a/0x30
[ 10.975297]
[ 10.975390] The buggy address belongs to the object at ffff888102f60600
[ 10.975390] which belongs to the cache kmalloc-128 of size 128
[ 10.975873] The buggy address is located 119 bytes inside of
[ 10.975873] allocated 120-byte region [ffff888102f60600, ffff888102f60678)
[ 10.976456]
[ 10.976532] The buggy address belongs to the physical page:
[ 10.977203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 10.977595] flags: 0x200000000000000(node=0|zone=2)
[ 10.977962] page_type: f5(slab)
[ 10.978148] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.978383] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.978720] page dumped because: kasan: bad access detected
[ 10.978978]
[ 10.979046] Memory state around the buggy address:
[ 10.979201] ffff888102f60500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.979566] ffff888102f60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.980053] >ffff888102f60600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.980376] ^
[ 10.980608] ffff888102f60680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.980938] ffff888102f60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.981252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 10.931666] ==================================================================
[ 10.932184] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 10.932442] Write of size 128 at addr ffff8881029f9000 by task kunit_try_catch/189
[ 10.933483]
[ 10.933893] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.933959] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.933972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.933995] Call Trace:
[ 10.934010] <TASK>
[ 10.934028] dump_stack_lvl+0x73/0xb0
[ 10.934058] print_report+0xd1/0x650
[ 10.934082] ? __virt_addr_valid+0x1db/0x2d0
[ 10.934105] ? kmalloc_oob_in_memset+0x15f/0x320
[ 10.934127] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.934149] ? kmalloc_oob_in_memset+0x15f/0x320
[ 10.934171] kasan_report+0x141/0x180
[ 10.934193] ? kmalloc_oob_in_memset+0x15f/0x320
[ 10.934220] kasan_check_range+0x10c/0x1c0
[ 10.934239] __asan_memset+0x27/0x50
[ 10.934259] kmalloc_oob_in_memset+0x15f/0x320
[ 10.934281] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 10.934303] ? __schedule+0x10cc/0x2b60
[ 10.934327] ? __pfx_read_tsc+0x10/0x10
[ 10.934347] ? ktime_get_ts64+0x86/0x230
[ 10.934372] kunit_try_run_case+0x1a5/0x480
[ 10.934398] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.934419] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.934443] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.934466] ? __kthread_parkme+0x82/0x180
[ 10.934488] ? preempt_count_sub+0x50/0x80
[ 10.934513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.934536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.934748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.934777] kthread+0x337/0x6f0
[ 10.934795] ? trace_preempt_on+0x20/0xc0
[ 10.934855] ? __pfx_kthread+0x10/0x10
[ 10.934875] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.934897] ? calculate_sigpending+0x7b/0xa0
[ 10.934928] ? __pfx_kthread+0x10/0x10
[ 10.934946] ret_from_fork+0x41/0x80
[ 10.934968] ? __pfx_kthread+0x10/0x10
[ 10.934986] ret_from_fork_asm+0x1a/0x30
[ 10.935016] </TASK>
[ 10.935028]
[ 10.947569] Allocated by task 189:
[ 10.948164] kasan_save_stack+0x45/0x70
[ 10.948356] kasan_save_track+0x18/0x40
[ 10.948549] kasan_save_alloc_info+0x3b/0x50
[ 10.948723] __kasan_kmalloc+0xb7/0xc0
[ 10.948986] __kmalloc_cache_noprof+0x189/0x420
[ 10.949184] kmalloc_oob_in_memset+0xac/0x320
[ 10.949374] kunit_try_run_case+0x1a5/0x480
[ 10.949572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.949749] kthread+0x337/0x6f0
[ 10.950040] ret_from_fork+0x41/0x80
[ 10.950244] ret_from_fork_asm+0x1a/0x30
[ 10.950432]
[ 10.950509] The buggy address belongs to the object at ffff8881029f9000
[ 10.950509] which belongs to the cache kmalloc-128 of size 128
[ 10.951019] The buggy address is located 0 bytes inside of
[ 10.951019] allocated 120-byte region [ffff8881029f9000, ffff8881029f9078)
[ 10.951708]
[ 10.951805] The buggy address belongs to the physical page:
[ 10.952018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 10.952386] flags: 0x200000000000000(node=0|zone=2)
[ 10.953095] page_type: f5(slab)
[ 10.953271] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.953536] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.953986] page dumped because: kasan: bad access detected
[ 10.954235]
[ 10.954315] Memory state around the buggy address:
[ 10.954515] ffff8881029f8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.954929] ffff8881029f8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.955231] >ffff8881029f9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.955517] ^
[ 10.955820] ffff8881029f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.956089] ffff8881029f9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.956350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 10.901952] ==================================================================
[ 10.902390] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 10.902703] Read of size 16 at addr ffff8881025a7f80 by task kunit_try_catch/187
[ 10.902983]
[ 10.903104] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.903154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.903166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.903188] Call Trace:
[ 10.903200] <TASK>
[ 10.903218] dump_stack_lvl+0x73/0xb0
[ 10.903245] print_report+0xd1/0x650
[ 10.903268] ? __virt_addr_valid+0x1db/0x2d0
[ 10.903291] ? kmalloc_uaf_16+0x47b/0x4c0
[ 10.903311] ? kasan_complete_mode_report_info+0x64/0x200
[ 10.903333] ? kmalloc_uaf_16+0x47b/0x4c0
[ 10.903354] kasan_report+0x141/0x180
[ 10.903376] ? kmalloc_uaf_16+0x47b/0x4c0
[ 10.903402] __asan_report_load16_noabort+0x18/0x20
[ 10.903422] kmalloc_uaf_16+0x47b/0x4c0
[ 10.903443] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 10.903465] ? __schedule+0x10cc/0x2b60
[ 10.903487] ? __pfx_read_tsc+0x10/0x10
[ 10.903507] ? ktime_get_ts64+0x86/0x230
[ 10.903533] kunit_try_run_case+0x1a5/0x480
[ 10.903559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.903581] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.903604] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.903627] ? __kthread_parkme+0x82/0x180
[ 10.903648] ? preempt_count_sub+0x50/0x80
[ 10.903675] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.903699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.903723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.903746] kthread+0x337/0x6f0
[ 10.903763] ? trace_preempt_on+0x20/0xc0
[ 10.903787] ? __pfx_kthread+0x10/0x10
[ 10.903805] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.903825] ? calculate_sigpending+0x7b/0xa0
[ 10.903859] ? __pfx_kthread+0x10/0x10
[ 10.903878] ret_from_fork+0x41/0x80
[ 10.903898] ? __pfx_kthread+0x10/0x10
[ 10.903928] ret_from_fork_asm+0x1a/0x30
[ 10.903959] </TASK>
[ 10.903971]
[ 10.913525] Allocated by task 187:
[ 10.913709] kasan_save_stack+0x45/0x70
[ 10.914197] kasan_save_track+0x18/0x40
[ 10.914478] kasan_save_alloc_info+0x3b/0x50
[ 10.914936] __kasan_kmalloc+0xb7/0xc0
[ 10.915195] __kmalloc_cache_noprof+0x189/0x420
[ 10.915411] kmalloc_uaf_16+0x15b/0x4c0
[ 10.915777] kunit_try_run_case+0x1a5/0x480
[ 10.916031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.916394] kthread+0x337/0x6f0
[ 10.916556] ret_from_fork+0x41/0x80
[ 10.916721] ret_from_fork_asm+0x1a/0x30
[ 10.916979]
[ 10.917068] Freed by task 187:
[ 10.917205] kasan_save_stack+0x45/0x70
[ 10.917380] kasan_save_track+0x18/0x40
[ 10.917556] kasan_save_free_info+0x3f/0x60
[ 10.918167] __kasan_slab_free+0x56/0x70
[ 10.918420] kfree+0x222/0x3f0
[ 10.918711] kmalloc_uaf_16+0x1d6/0x4c0
[ 10.919124] kunit_try_run_case+0x1a5/0x480
[ 10.919485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.920086] kthread+0x337/0x6f0
[ 10.920265] ret_from_fork+0x41/0x80
[ 10.920433] ret_from_fork_asm+0x1a/0x30
[ 10.920682]
[ 10.920984] The buggy address belongs to the object at ffff8881025a7f80
[ 10.920984] which belongs to the cache kmalloc-16 of size 16
[ 10.921886] The buggy address is located 0 bytes inside of
[ 10.921886] freed 16-byte region [ffff8881025a7f80, ffff8881025a7f90)
[ 10.922688]
[ 10.922794] The buggy address belongs to the physical page:
[ 10.923293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7
[ 10.923597] flags: 0x200000000000000(node=0|zone=2)
[ 10.924137] page_type: f5(slab)
[ 10.924304] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.924571] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.925209] page dumped because: kasan: bad access detected
[ 10.925607]
[ 10.925759] Memory state around the buggy address:
[ 10.925957] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc
[ 10.926278] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 10.926566] >ffff8881025a7f80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.927182] ^
[ 10.927313] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.927725] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.928284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 10.877584] ==================================================================
[ 10.878364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 10.879201] Write of size 16 at addr ffff88810213bf00 by task kunit_try_catch/185
[ 10.879451]
[ 10.879551] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.880069] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.880084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.880107] Call Trace:
[ 10.880122] <TASK>
[ 10.880141] dump_stack_lvl+0x73/0xb0
[ 10.880182] print_report+0xd1/0x650
[ 10.880205] ? __virt_addr_valid+0x1db/0x2d0
[ 10.880229] ? kmalloc_oob_16+0x452/0x4a0
[ 10.880255] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.880277] ? kmalloc_oob_16+0x452/0x4a0
[ 10.880298] kasan_report+0x141/0x180
[ 10.880320] ? kmalloc_oob_16+0x452/0x4a0
[ 10.880345] __asan_report_store16_noabort+0x1b/0x30
[ 10.880366] kmalloc_oob_16+0x452/0x4a0
[ 10.880387] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 10.880408] ? __schedule+0x10cc/0x2b60
[ 10.880431] ? __pfx_read_tsc+0x10/0x10
[ 10.880452] ? ktime_get_ts64+0x86/0x230
[ 10.880479] kunit_try_run_case+0x1a5/0x480
[ 10.880505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.880526] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.880550] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.880572] ? __kthread_parkme+0x82/0x180
[ 10.880595] ? preempt_count_sub+0x50/0x80
[ 10.880622] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.880646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.880669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.880692] kthread+0x337/0x6f0
[ 10.880708] ? trace_preempt_on+0x20/0xc0
[ 10.880791] ? __pfx_kthread+0x10/0x10
[ 10.880809] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.880830] ? calculate_sigpending+0x7b/0xa0
[ 10.880852] ? __pfx_kthread+0x10/0x10
[ 10.880870] ret_from_fork+0x41/0x80
[ 10.880891] ? __pfx_kthread+0x10/0x10
[ 10.880908] ret_from_fork_asm+0x1a/0x30
[ 10.880950] </TASK>
[ 10.880962]
[ 10.888998] Allocated by task 185:
[ 10.889200] kasan_save_stack+0x45/0x70
[ 10.889405] kasan_save_track+0x18/0x40
[ 10.889623] kasan_save_alloc_info+0x3b/0x50
[ 10.889807] __kasan_kmalloc+0xb7/0xc0
[ 10.889950] __kmalloc_cache_noprof+0x189/0x420
[ 10.890105] kmalloc_oob_16+0xa8/0x4a0
[ 10.890239] kunit_try_run_case+0x1a5/0x480
[ 10.890420] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.890877] kthread+0x337/0x6f0
[ 10.891064] ret_from_fork+0x41/0x80
[ 10.891253] ret_from_fork_asm+0x1a/0x30
[ 10.891446]
[ 10.891540] The buggy address belongs to the object at ffff88810213bf00
[ 10.891540] which belongs to the cache kmalloc-16 of size 16
[ 10.892329] The buggy address is located 0 bytes inside of
[ 10.892329] allocated 13-byte region [ffff88810213bf00, ffff88810213bf0d)
[ 10.892907]
[ 10.893003] The buggy address belongs to the physical page:
[ 10.893225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10213b
[ 10.893536] flags: 0x200000000000000(node=0|zone=2)
[ 10.893844] page_type: f5(slab)
[ 10.894011] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.894311] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.894640] page dumped because: kasan: bad access detected
[ 10.894811]
[ 10.894879] Memory state around the buggy address:
[ 10.895044] ffff88810213be00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 10.895260] ffff88810213be80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 10.895570] >ffff88810213bf00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[ 10.896034] ^
[ 10.896204] ffff88810213bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.896782] ffff88810213c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.897174] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 10.838343] ==================================================================
[ 10.839018] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 10.839669] Read of size 1 at addr ffff8881009a2e00 by task kunit_try_catch/183
[ 10.840293]
[ 10.840438] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.840485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.840496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.840531] Call Trace:
[ 10.840543] <TASK>
[ 10.840561] dump_stack_lvl+0x73/0xb0
[ 10.840589] print_report+0xd1/0x650
[ 10.840654] ? __virt_addr_valid+0x1db/0x2d0
[ 10.840678] ? krealloc_uaf+0x53c/0x5e0
[ 10.840695] ? kasan_complete_mode_report_info+0x64/0x200
[ 10.840717] ? krealloc_uaf+0x53c/0x5e0
[ 10.840735] kasan_report+0x141/0x180
[ 10.840756] ? krealloc_uaf+0x53c/0x5e0
[ 10.840779] __asan_report_load1_noabort+0x18/0x20
[ 10.840799] krealloc_uaf+0x53c/0x5e0
[ 10.840907] ? __pfx_krealloc_uaf+0x10/0x10
[ 10.840940] ? finish_task_switch.isra.0+0x153/0x700
[ 10.840967] ? __switch_to+0x5d9/0xf60
[ 10.840989] ? dequeue_task_fair+0x166/0x4e0
[ 10.841014] ? __schedule+0x10cc/0x2b60
[ 10.841037] ? __pfx_read_tsc+0x10/0x10
[ 10.841057] ? ktime_get_ts64+0x86/0x230
[ 10.841083] kunit_try_run_case+0x1a5/0x480
[ 10.841109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.841130] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.841155] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.841177] ? __kthread_parkme+0x82/0x180
[ 10.841200] ? preempt_count_sub+0x50/0x80
[ 10.841224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.841247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.841269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.841549] kthread+0x337/0x6f0
[ 10.841571] ? trace_preempt_on+0x20/0xc0
[ 10.841600] ? __pfx_kthread+0x10/0x10
[ 10.841618] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.841640] ? calculate_sigpending+0x7b/0xa0
[ 10.841661] ? __pfx_kthread+0x10/0x10
[ 10.841679] ret_from_fork+0x41/0x80
[ 10.841700] ? __pfx_kthread+0x10/0x10
[ 10.841727] ret_from_fork_asm+0x1a/0x30
[ 10.841758] </TASK>
[ 10.841769]
[ 10.855927] Allocated by task 183:
[ 10.856328] kasan_save_stack+0x45/0x70
[ 10.856488] kasan_save_track+0x18/0x40
[ 10.857004] kasan_save_alloc_info+0x3b/0x50
[ 10.857414] __kasan_kmalloc+0xb7/0xc0
[ 10.857550] __kmalloc_cache_noprof+0x189/0x420
[ 10.857700] krealloc_uaf+0xbb/0x5e0
[ 10.858398] kunit_try_run_case+0x1a5/0x480
[ 10.858950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.859635] kthread+0x337/0x6f0
[ 10.860101] ret_from_fork+0x41/0x80
[ 10.860239] ret_from_fork_asm+0x1a/0x30
[ 10.860381]
[ 10.860450] Freed by task 183:
[ 10.860557] kasan_save_stack+0x45/0x70
[ 10.860688] kasan_save_track+0x18/0x40
[ 10.861469] kasan_save_free_info+0x3f/0x60
[ 10.862029] __kasan_slab_free+0x56/0x70
[ 10.862508] kfree+0x222/0x3f0
[ 10.862969] krealloc_uaf+0x13d/0x5e0
[ 10.863458] kunit_try_run_case+0x1a5/0x480
[ 10.864009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.864631] kthread+0x337/0x6f0
[ 10.864984] ret_from_fork+0x41/0x80
[ 10.865117] ret_from_fork_asm+0x1a/0x30
[ 10.865251]
[ 10.865321] The buggy address belongs to the object at ffff8881009a2e00
[ 10.865321] which belongs to the cache kmalloc-256 of size 256
[ 10.865673] The buggy address is located 0 bytes inside of
[ 10.865673] freed 256-byte region [ffff8881009a2e00, ffff8881009a2f00)
[ 10.866134]
[ 10.866288] The buggy address belongs to the physical page:
[ 10.866503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.866978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.867412] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.867761] page_type: f5(slab)
[ 10.867949] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.868320] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.868638] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.869094] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.869439] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.869769] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.870506] page dumped because: kasan: bad access detected
[ 10.871058]
[ 10.871254] Memory state around the buggy address:
[ 10.871705] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.872262] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.872746] >ffff8881009a2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.873126] ^
[ 10.873306] ffff8881009a2e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.873762] ffff8881009a2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.874221] ==================================================================
[ 10.798195] ==================================================================
[ 10.798688] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 10.799357] Read of size 1 at addr ffff8881009a2e00 by task kunit_try_catch/183
[ 10.799830]
[ 10.800102] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.800154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.800166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.800187] Call Trace:
[ 10.800199] <TASK>
[ 10.800218] dump_stack_lvl+0x73/0xb0
[ 10.800246] print_report+0xd1/0x650
[ 10.800273] ? __virt_addr_valid+0x1db/0x2d0
[ 10.800295] ? krealloc_uaf+0x1b8/0x5e0
[ 10.800312] ? kasan_complete_mode_report_info+0x64/0x200
[ 10.800334] ? krealloc_uaf+0x1b8/0x5e0
[ 10.800352] kasan_report+0x141/0x180
[ 10.800374] ? krealloc_uaf+0x1b8/0x5e0
[ 10.800394] ? krealloc_uaf+0x1b8/0x5e0
[ 10.800412] __kasan_check_byte+0x3d/0x50
[ 10.800435] krealloc_noprof+0x3f/0x340
[ 10.800459] krealloc_uaf+0x1b8/0x5e0
[ 10.800476] ? __pfx_krealloc_uaf+0x10/0x10
[ 10.800493] ? finish_task_switch.isra.0+0x153/0x700
[ 10.800517] ? __switch_to+0x5d9/0xf60
[ 10.800539] ? dequeue_task_fair+0x166/0x4e0
[ 10.800573] ? __schedule+0x10cc/0x2b60
[ 10.800596] ? __pfx_read_tsc+0x10/0x10
[ 10.800615] ? ktime_get_ts64+0x86/0x230
[ 10.800641] kunit_try_run_case+0x1a5/0x480
[ 10.800666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.800688] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.800711] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.800734] ? __kthread_parkme+0x82/0x180
[ 10.800755] ? preempt_count_sub+0x50/0x80
[ 10.800779] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.800801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.800824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.800846] kthread+0x337/0x6f0
[ 10.800862] ? trace_preempt_on+0x20/0xc0
[ 10.800885] ? __pfx_kthread+0x10/0x10
[ 10.800904] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.800936] ? calculate_sigpending+0x7b/0xa0
[ 10.800960] ? __pfx_kthread+0x10/0x10
[ 10.800978] ret_from_fork+0x41/0x80
[ 10.800998] ? __pfx_kthread+0x10/0x10
[ 10.801016] ret_from_fork_asm+0x1a/0x30
[ 10.801046] </TASK>
[ 10.801058]
[ 10.815246] Allocated by task 183:
[ 10.815625] kasan_save_stack+0x45/0x70
[ 10.816080] kasan_save_track+0x18/0x40
[ 10.816444] kasan_save_alloc_info+0x3b/0x50
[ 10.816951] __kasan_kmalloc+0xb7/0xc0
[ 10.817265] __kmalloc_cache_noprof+0x189/0x420
[ 10.817517] krealloc_uaf+0xbb/0x5e0
[ 10.817656] kunit_try_run_case+0x1a5/0x480
[ 10.818127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.818671] kthread+0x337/0x6f0
[ 10.818998] ret_from_fork+0x41/0x80
[ 10.819332] ret_from_fork_asm+0x1a/0x30
[ 10.819675]
[ 10.819845] Freed by task 183:
[ 10.820084] kasan_save_stack+0x45/0x70
[ 10.820408] kasan_save_track+0x18/0x40
[ 10.820778] kasan_save_free_info+0x3f/0x60
[ 10.821071] __kasan_slab_free+0x56/0x70
[ 10.821447] kfree+0x222/0x3f0
[ 10.821726] krealloc_uaf+0x13d/0x5e0
[ 10.821884] kunit_try_run_case+0x1a5/0x480
[ 10.822179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.822694] kthread+0x337/0x6f0
[ 10.823067] ret_from_fork+0x41/0x80
[ 10.823450] ret_from_fork_asm+0x1a/0x30
[ 10.823628]
[ 10.823812] The buggy address belongs to the object at ffff8881009a2e00
[ 10.823812] which belongs to the cache kmalloc-256 of size 256
[ 10.824992] The buggy address is located 0 bytes inside of
[ 10.824992] freed 256-byte region [ffff8881009a2e00, ffff8881009a2f00)
[ 10.825551]
[ 10.825727] The buggy address belongs to the physical page:
[ 10.826293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.827022] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.827799] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.828305] page_type: f5(slab)
[ 10.828432] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.828843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.829731] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.830642] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.831446] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.832047] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.832618] page dumped because: kasan: bad access detected
[ 10.833172]
[ 10.833329] Memory state around the buggy address:
[ 10.833526] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.834114] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.834889] >ffff8881009a2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.835478] ^
[ 10.835609] ffff8881009a2e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.836180] ffff8881009a2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.836935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 10.603872] ================================================================== [ 10.604527] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.605065] Write of size 1 at addr ffff8881009a2cda by task kunit_try_catch/177 [ 10.605289] [ 10.605376] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.605420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.605430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.605450] Call Trace: [ 10.605463] <TASK> [ 10.605480] dump_stack_lvl+0x73/0xb0 [ 10.605506] print_report+0xd1/0x650 [ 10.605528] ? __virt_addr_valid+0x1db/0x2d0 [ 10.605570] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.605590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.605612] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.605632] kasan_report+0x141/0x180 [ 10.605656] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.605683] __asan_report_store1_noabort+0x1b/0x30 [ 10.605706] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.605728] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.605748] ? finish_task_switch.isra.0+0x153/0x700 [ 10.605770] ? __switch_to+0x5d9/0xf60 [ 10.605790] ? dequeue_task_fair+0x166/0x4e0 [ 10.605814] ? __schedule+0x10cc/0x2b60 [ 10.605836] ? __pfx_read_tsc+0x10/0x10 [ 10.605859] krealloc_less_oob+0x1c/0x30 [ 10.605894] kunit_try_run_case+0x1a5/0x480 [ 10.605928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.605951] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.605973] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.605996] ? __kthread_parkme+0x82/0x180 [ 10.606017] ? preempt_count_sub+0x50/0x80 [ 10.606040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.606063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.606105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.606133] kthread+0x337/0x6f0 [ 10.606150] ? trace_preempt_on+0x20/0xc0 [ 10.606172] ? __pfx_kthread+0x10/0x10 [ 10.606190] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.606210] ? 
calculate_sigpending+0x7b/0xa0 [ 10.606231] ? __pfx_kthread+0x10/0x10 [ 10.606249] ret_from_fork+0x41/0x80 [ 10.606269] ? __pfx_kthread+0x10/0x10 [ 10.606286] ret_from_fork_asm+0x1a/0x30 [ 10.606316] </TASK> [ 10.606326] [ 10.613448] Allocated by task 177: [ 10.613640] kasan_save_stack+0x45/0x70 [ 10.613786] kasan_save_track+0x18/0x40 [ 10.613988] kasan_save_alloc_info+0x3b/0x50 [ 10.614200] __kasan_krealloc+0x190/0x1f0 [ 10.614366] krealloc_noprof+0xf3/0x340 [ 10.614501] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.614750] krealloc_less_oob+0x1c/0x30 [ 10.614949] kunit_try_run_case+0x1a5/0x480 [ 10.615129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.615301] kthread+0x337/0x6f0 [ 10.615438] ret_from_fork+0x41/0x80 [ 10.615645] ret_from_fork_asm+0x1a/0x30 [ 10.615840] [ 10.615946] The buggy address belongs to the object at ffff8881009a2c00 [ 10.615946] which belongs to the cache kmalloc-256 of size 256 [ 10.616439] The buggy address is located 17 bytes to the right of [ 10.616439] allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9) [ 10.616963] [ 10.617038] The buggy address belongs to the physical page: [ 10.617270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 10.617515] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.617872] flags: 0x200000000000040(head|node=0|zone=2) [ 10.618135] page_type: f5(slab) [ 10.618286] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.618606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.618858] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.619214] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.619474] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff [ 10.619728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.620020] page dumped because: kasan: bad access detected [ 10.620280] [ 
10.620371] Memory state around the buggy address: [ 10.620621] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.620949] ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.621261] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.621597] ^ [ 10.621835] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.622096] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.622392] ================================================================== [ 10.724940] ================================================================== [ 10.725274] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.725643] Write of size 1 at addr ffff8881028960d0 by task kunit_try_catch/181 [ 10.725934] [ 10.726047] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.726091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.726103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.726122] Call Trace: [ 10.726138] <TASK> [ 10.726155] dump_stack_lvl+0x73/0xb0 [ 10.726178] print_report+0xd1/0x650 [ 10.726200] ? __virt_addr_valid+0x1db/0x2d0 [ 10.726222] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.726241] ? kasan_addr_to_slab+0x11/0xa0 [ 10.726262] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.726282] kasan_report+0x141/0x180 [ 10.726304] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.726328] __asan_report_store1_noabort+0x1b/0x30 [ 10.726348] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.726370] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.726390] ? finish_task_switch.isra.0+0x153/0x700 [ 10.726414] ? __switch_to+0x5d9/0xf60 [ 10.726435] ? dequeue_task_fair+0x156/0x4e0 [ 10.726459] ? __schedule+0x10cc/0x2b60 [ 10.726482] ? __pfx_read_tsc+0x10/0x10 [ 10.726504] krealloc_large_less_oob+0x1c/0x30 [ 10.726523] kunit_try_run_case+0x1a5/0x480 [ 10.726548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.726569] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 10.726592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.726614] ? __kthread_parkme+0x82/0x180 [ 10.726635] ? preempt_count_sub+0x50/0x80 [ 10.726659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.726681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.726703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.726725] kthread+0x337/0x6f0 [ 10.726742] ? trace_preempt_on+0x20/0xc0 [ 10.726764] ? __pfx_kthread+0x10/0x10 [ 10.726781] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.726802] ? calculate_sigpending+0x7b/0xa0 [ 10.726822] ? __pfx_kthread+0x10/0x10 [ 10.726840] ret_from_fork+0x41/0x80 [ 10.726861] ? __pfx_kthread+0x10/0x10 [ 10.726878] ret_from_fork_asm+0x1a/0x30 [ 10.726907] </TASK> [ 10.726927] [ 10.734696] The buggy address belongs to the physical page: [ 10.735002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 10.735304] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.735647] flags: 0x200000000000040(head|node=0|zone=2) [ 10.735910] page_type: f8(unknown) [ 10.736105] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.736412] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.736793] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.737108] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.737365] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff [ 10.737619] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.738101] page dumped because: kasan: bad access detected [ 10.738356] [ 10.738449] Memory state around the buggy address: [ 10.738671] ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.739048] ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.739290] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.739512] ^ [ 10.739864] 
ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.740198] ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.740505] ================================================================== [ 10.740956] ================================================================== [ 10.741233] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.741559] Write of size 1 at addr ffff8881028960da by task kunit_try_catch/181 [ 10.741925] [ 10.742039] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.742081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.742091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.742110] Call Trace: [ 10.742124] <TASK> [ 10.742137] dump_stack_lvl+0x73/0xb0 [ 10.742160] print_report+0xd1/0x650 [ 10.742183] ? __virt_addr_valid+0x1db/0x2d0 [ 10.742204] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.742224] ? kasan_addr_to_slab+0x11/0xa0 [ 10.742244] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.742263] kasan_report+0x141/0x180 [ 10.742285] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.742312] __asan_report_store1_noabort+0x1b/0x30 [ 10.742335] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.742357] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.742377] ? finish_task_switch.isra.0+0x153/0x700 [ 10.742400] ? __switch_to+0x5d9/0xf60 [ 10.742421] ? dequeue_task_fair+0x156/0x4e0 [ 10.742444] ? __schedule+0x10cc/0x2b60 [ 10.742467] ? __pfx_read_tsc+0x10/0x10 [ 10.742489] krealloc_large_less_oob+0x1c/0x30 [ 10.742508] kunit_try_run_case+0x1a5/0x480 [ 10.742532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.742553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.742577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.742620] ? __kthread_parkme+0x82/0x180 [ 10.742642] ? preempt_count_sub+0x50/0x80 [ 10.742667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.742690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.742773] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.742797] kthread+0x337/0x6f0 [ 10.742815] ? trace_preempt_on+0x20/0xc0 [ 10.742838] ? __pfx_kthread+0x10/0x10 [ 10.742856] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.742877] ? calculate_sigpending+0x7b/0xa0 [ 10.742898] ? __pfx_kthread+0x10/0x10 [ 10.742926] ret_from_fork+0x41/0x80 [ 10.742947] ? __pfx_kthread+0x10/0x10 [ 10.742965] ret_from_fork_asm+0x1a/0x30 [ 10.742995] </TASK> [ 10.743005] [ 10.750605] The buggy address belongs to the physical page: [ 10.750851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 10.751227] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.751519] flags: 0x200000000000040(head|node=0|zone=2) [ 10.751732] page_type: f8(unknown) [ 10.751861] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.752332] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.752758] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.753107] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.753394] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff [ 10.753699] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.754329] page dumped because: kasan: bad access detected [ 10.754552] [ 10.754620] Memory state around the buggy address: [ 10.754773] ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.755184] ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.755508] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.755889] ^ [ 10.756134] ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.756426] ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.756775] ================================================================== [ 10.708040] ================================================================== [ 
10.708500] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.708835] Write of size 1 at addr ffff8881028960c9 by task kunit_try_catch/181 [ 10.709145] [ 10.709249] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.709297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.709308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.709329] Call Trace: [ 10.709341] <TASK> [ 10.709357] dump_stack_lvl+0x73/0xb0 [ 10.709383] print_report+0xd1/0x650 [ 10.709405] ? __virt_addr_valid+0x1db/0x2d0 [ 10.709427] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.709446] ? kasan_addr_to_slab+0x11/0xa0 [ 10.709466] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.709486] kasan_report+0x141/0x180 [ 10.709508] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.709531] __asan_report_store1_noabort+0x1b/0x30 [ 10.709552] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.709573] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.709593] ? finish_task_switch.isra.0+0x153/0x700 [ 10.709616] ? __switch_to+0x5d9/0xf60 [ 10.709637] ? dequeue_task_fair+0x156/0x4e0 [ 10.709661] ? __schedule+0x10cc/0x2b60 [ 10.709683] ? __pfx_read_tsc+0x10/0x10 [ 10.709705] krealloc_large_less_oob+0x1c/0x30 [ 10.709724] kunit_try_run_case+0x1a5/0x480 [ 10.709749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.709770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.709793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.709815] ? __kthread_parkme+0x82/0x180 [ 10.709836] ? preempt_count_sub+0x50/0x80 [ 10.709861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.709883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.709905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.709961] kthread+0x337/0x6f0 [ 10.709978] ? trace_preempt_on+0x20/0xc0 [ 10.710002] ? __pfx_kthread+0x10/0x10 [ 10.710019] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.710040] ? calculate_sigpending+0x7b/0xa0 [ 10.710061] ? 
__pfx_kthread+0x10/0x10 [ 10.710093] ret_from_fork+0x41/0x80 [ 10.710115] ? __pfx_kthread+0x10/0x10 [ 10.710132] ret_from_fork_asm+0x1a/0x30 [ 10.710174] </TASK> [ 10.710185] [ 10.718173] The buggy address belongs to the physical page: [ 10.718431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 10.719072] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.719359] flags: 0x200000000000040(head|node=0|zone=2) [ 10.719617] page_type: f8(unknown) [ 10.719753] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.720156] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.720477] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.720876] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.721188] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff [ 10.721504] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.721891] page dumped because: kasan: bad access detected [ 10.722115] [ 10.722183] Memory state around the buggy address: [ 10.722340] ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.722687] ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.723071] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.723378] ^ [ 10.723602] ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.724181] ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.724474] ================================================================== [ 10.572282] ================================================================== [ 10.572939] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.573191] Write of size 1 at addr ffff8881009a2cd0 by task kunit_try_catch/177 [ 10.573413] [ 10.573502] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 
PREEMPT(voluntary) [ 10.573546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.573583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.573603] Call Trace: [ 10.573616] <TASK> [ 10.573633] dump_stack_lvl+0x73/0xb0 [ 10.573657] print_report+0xd1/0x650 [ 10.573679] ? __virt_addr_valid+0x1db/0x2d0 [ 10.573700] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.573737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.573759] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.573780] kasan_report+0x141/0x180 [ 10.573802] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.573826] __asan_report_store1_noabort+0x1b/0x30 [ 10.573845] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.573867] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.573886] ? finish_task_switch.isra.0+0x153/0x700 [ 10.573909] ? __switch_to+0x5d9/0xf60 [ 10.573939] ? dequeue_task_fair+0x166/0x4e0 [ 10.573961] ? __schedule+0x10cc/0x2b60 [ 10.573984] ? __pfx_read_tsc+0x10/0x10 [ 10.574006] krealloc_less_oob+0x1c/0x30 [ 10.574023] kunit_try_run_case+0x1a5/0x480 [ 10.574048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.574069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.574092] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.574114] ? __kthread_parkme+0x82/0x180 [ 10.574135] ? preempt_count_sub+0x50/0x80 [ 10.574158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.574181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.574204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.574226] kthread+0x337/0x6f0 [ 10.574242] ? trace_preempt_on+0x20/0xc0 [ 10.574265] ? __pfx_kthread+0x10/0x10 [ 10.574282] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.574303] ? calculate_sigpending+0x7b/0xa0 [ 10.574324] ? __pfx_kthread+0x10/0x10 [ 10.574341] ret_from_fork+0x41/0x80 [ 10.574361] ? 
__pfx_kthread+0x10/0x10 [ 10.574378] ret_from_fork_asm+0x1a/0x30 [ 10.574407] </TASK> [ 10.574418] [ 10.587723] Allocated by task 177: [ 10.588069] kasan_save_stack+0x45/0x70 [ 10.588346] kasan_save_track+0x18/0x40 [ 10.588480] kasan_save_alloc_info+0x3b/0x50 [ 10.588782] __kasan_krealloc+0x190/0x1f0 [ 10.589149] krealloc_noprof+0xf3/0x340 [ 10.589508] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.589942] krealloc_less_oob+0x1c/0x30 [ 10.590290] kunit_try_run_case+0x1a5/0x480 [ 10.590435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.590724] kthread+0x337/0x6f0 [ 10.591018] ret_from_fork+0x41/0x80 [ 10.591333] ret_from_fork_asm+0x1a/0x30 [ 10.591700] [ 10.591853] The buggy address belongs to the object at ffff8881009a2c00 [ 10.591853] which belongs to the cache kmalloc-256 of size 256 [ 10.592544] The buggy address is located 7 bytes to the right of [ 10.592544] allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9) [ 10.593628] [ 10.593784] The buggy address belongs to the physical page: [ 10.594013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 10.594255] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.594481] flags: 0x200000000000040(head|node=0|zone=2) [ 10.594880] page_type: f5(slab) [ 10.595193] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.595849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.596485] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.597152] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.597813] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff [ 10.598446] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.598942] page dumped because: kasan: bad access detected [ 10.599113] [ 10.599180] Memory state around the buggy address: [ 10.599335] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.599570] ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.600156] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.600762] ^ [ 10.601246] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.601848] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.602445] ================================================================== [ 10.757181] ================================================================== [ 10.757454] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.757852] Write of size 1 at addr ffff8881028960ea by task kunit_try_catch/181 [ 10.758173] [ 10.758280] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.758322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.758333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.758353] Call Trace: [ 10.758369] <TASK> [ 10.758385] dump_stack_lvl+0x73/0xb0 [ 10.758407] print_report+0xd1/0x650 [ 10.758431] ? __virt_addr_valid+0x1db/0x2d0 [ 10.758452] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.758471] ? kasan_addr_to_slab+0x11/0xa0 [ 10.758491] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.758511] kasan_report+0x141/0x180 [ 10.758532] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.758557] __asan_report_store1_noabort+0x1b/0x30 [ 10.758577] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.758621] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.758640] ? finish_task_switch.isra.0+0x153/0x700 [ 10.758663] ? __switch_to+0x5d9/0xf60 [ 10.758684] ? dequeue_task_fair+0x156/0x4e0 [ 10.758767] ? __schedule+0x10cc/0x2b60 [ 10.758792] ? __pfx_read_tsc+0x10/0x10 [ 10.758815] krealloc_large_less_oob+0x1c/0x30 [ 10.758835] kunit_try_run_case+0x1a5/0x480 [ 10.758859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.758881] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.758904] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.758937] ? 
__kthread_parkme+0x82/0x180 [ 10.758958] ? preempt_count_sub+0x50/0x80 [ 10.758982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.759005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.759027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.759049] kthread+0x337/0x6f0 [ 10.759065] ? trace_preempt_on+0x20/0xc0 [ 10.759087] ? __pfx_kthread+0x10/0x10 [ 10.759105] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.759125] ? calculate_sigpending+0x7b/0xa0 [ 10.759146] ? __pfx_kthread+0x10/0x10 [ 10.759164] ret_from_fork+0x41/0x80 [ 10.759184] ? __pfx_kthread+0x10/0x10 [ 10.759201] ret_from_fork_asm+0x1a/0x30 [ 10.759232] </TASK> [ 10.759242] [ 10.766969] The buggy address belongs to the physical page: [ 10.767195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 10.767450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.768061] flags: 0x200000000000040(head|node=0|zone=2) [ 10.768284] page_type: f8(unknown) [ 10.768440] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.768802] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.769057] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.769398] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.769709] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff [ 10.770016] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.770247] page dumped because: kasan: bad access detected [ 10.770418] [ 10.770486] Memory state around the buggy address: [ 10.770799] ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.771125] ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.771439] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.771753] ^ [ 10.771970] ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.772184] ffff888102896180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 10.772404] ================================================================== [ 10.642093] ================================================================== [ 10.642438] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.642778] Write of size 1 at addr ffff8881009a2ceb by task kunit_try_catch/177 [ 10.643083] [ 10.643189] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.643231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.643241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.643260] Call Trace: [ 10.643275] <TASK> [ 10.643289] dump_stack_lvl+0x73/0xb0 [ 10.643311] print_report+0xd1/0x650 [ 10.643332] ? __virt_addr_valid+0x1db/0x2d0 [ 10.643352] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.643371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.643393] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.643413] kasan_report+0x141/0x180 [ 10.643434] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.643458] __asan_report_store1_noabort+0x1b/0x30 [ 10.643478] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.643499] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.643519] ? finish_task_switch.isra.0+0x153/0x700 [ 10.643541] ? __switch_to+0x5d9/0xf60 [ 10.643560] ? dequeue_task_fair+0x166/0x4e0 [ 10.643583] ? __schedule+0x10cc/0x2b60 [ 10.643605] ? __pfx_read_tsc+0x10/0x10 [ 10.643626] krealloc_less_oob+0x1c/0x30 [ 10.643643] kunit_try_run_case+0x1a5/0x480 [ 10.643666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.643687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.643709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.643731] ? __kthread_parkme+0x82/0x180 [ 10.643751] ? preempt_count_sub+0x50/0x80 [ 10.643774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.643796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.643817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.643839] kthread+0x337/0x6f0 [ 10.643856] ? 
trace_preempt_on+0x20/0xc0 [ 10.643878] ? __pfx_kthread+0x10/0x10 [ 10.643895] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.644322] ? calculate_sigpending+0x7b/0xa0 [ 10.644358] ? __pfx_kthread+0x10/0x10 [ 10.644377] ret_from_fork+0x41/0x80 [ 10.644399] ? __pfx_kthread+0x10/0x10 [ 10.644416] ret_from_fork_asm+0x1a/0x30 [ 10.644445] </TASK> [ 10.644456] [ 10.651566] Allocated by task 177: [ 10.651735] kasan_save_stack+0x45/0x70 [ 10.651902] kasan_save_track+0x18/0x40 [ 10.652093] kasan_save_alloc_info+0x3b/0x50 [ 10.652295] __kasan_krealloc+0x190/0x1f0 [ 10.652479] krealloc_noprof+0xf3/0x340 [ 10.652678] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.652875] krealloc_less_oob+0x1c/0x30 [ 10.653054] kunit_try_run_case+0x1a5/0x480 [ 10.653200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.653443] kthread+0x337/0x6f0 [ 10.653638] ret_from_fork+0x41/0x80 [ 10.653819] ret_from_fork_asm+0x1a/0x30 [ 10.653966] [ 10.654038] The buggy address belongs to the object at ffff8881009a2c00 [ 10.654038] which belongs to the cache kmalloc-256 of size 256 [ 10.654574] The buggy address is located 34 bytes to the right of [ 10.654574] allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9) [ 10.655064] [ 10.655158] The buggy address belongs to the physical page: [ 10.655390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 10.655722] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.656030] flags: 0x200000000000040(head|node=0|zone=2) [ 10.656286] page_type: f5(slab) [ 10.656450] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.656788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.657091] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.657357] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.657610] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff [ 10.657839] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 10.658076] page dumped because: kasan: bad access detected [ 10.658328] [ 10.658419] Memory state around the buggy address: [ 10.658666] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.658990] ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.659255] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.659464] ^ [ 10.659685] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.659903] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.660229] ================================================================== [ 10.622983] ================================================================== [ 10.623339] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.624023] Write of size 1 at addr ffff8881009a2cea by task kunit_try_catch/177 [ 10.624324] [ 10.624429] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 10.624473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.624484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.624503] Call Trace: [ 10.624518] <TASK> [ 10.624535] dump_stack_lvl+0x73/0xb0 [ 10.624583] print_report+0xd1/0x650 [ 10.624605] ? __virt_addr_valid+0x1db/0x2d0 [ 10.624627] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.624646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.624668] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.624688] kasan_report+0x141/0x180 [ 10.624710] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.624734] __asan_report_store1_noabort+0x1b/0x30 [ 10.624754] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.624776] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.624797] ? finish_task_switch.isra.0+0x153/0x700 [ 10.624820] ? __switch_to+0x5d9/0xf60 [ 10.624839] ? dequeue_task_fair+0x166/0x4e0 [ 10.624863] ? __schedule+0x10cc/0x2b60 [ 10.624885] ? 
__pfx_read_tsc+0x10/0x10
[ 10.624907] krealloc_less_oob+0x1c/0x30
[ 10.624934] kunit_try_run_case+0x1a5/0x480
[ 10.624958] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.624980] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.625002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.625025] ? __kthread_parkme+0x82/0x180
[ 10.625045] ? preempt_count_sub+0x50/0x80
[ 10.625069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.625091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.625113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.625135] kthread+0x337/0x6f0
[ 10.625151] ? trace_preempt_on+0x20/0xc0
[ 10.625174] ? __pfx_kthread+0x10/0x10
[ 10.625191] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.625211] ? calculate_sigpending+0x7b/0xa0
[ 10.625232] ? __pfx_kthread+0x10/0x10
[ 10.625250] ret_from_fork+0x41/0x80
[ 10.625269] ? __pfx_kthread+0x10/0x10
[ 10.625286] ret_from_fork_asm+0x1a/0x30
[ 10.625316] </TASK>
[ 10.625326]
[ 10.632249] Allocated by task 177:
[ 10.632426] kasan_save_stack+0x45/0x70
[ 10.632650] kasan_save_track+0x18/0x40
[ 10.632845] kasan_save_alloc_info+0x3b/0x50
[ 10.633069] __kasan_krealloc+0x190/0x1f0
[ 10.633283] krealloc_noprof+0xf3/0x340
[ 10.633466] krealloc_less_oob_helper+0x1aa/0x11d0
[ 10.633662] krealloc_less_oob+0x1c/0x30
[ 10.633797] kunit_try_run_case+0x1a5/0x480
[ 10.634008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.634263] kthread+0x337/0x6f0
[ 10.634428] ret_from_fork+0x41/0x80
[ 10.634633] ret_from_fork_asm+0x1a/0x30
[ 10.634782]
[ 10.634865] The buggy address belongs to the object at ffff8881009a2c00
[ 10.634865] which belongs to the cache kmalloc-256 of size 256
[ 10.635369] The buggy address is located 33 bytes to the right of
[ 10.635369] allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[ 10.635900]
[ 10.635979] The buggy address belongs to the physical page:
[ 10.636235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.636505] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.636753] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.636948] page_type: f5(slab)
[ 10.637078] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.637394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.637758] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.638109] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.638444] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.638817] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.639059] page dumped because: kasan: bad access detected
[ 10.639227]
[ 10.639294] Memory state around the buggy address:
[ 10.639448] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.639766] ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.640097] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 10.640424] ^
[ 10.640741] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.641076] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.641393] ==================================================================
[ 10.539656] ==================================================================
[ 10.540849] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 10.541597] Write of size 1 at addr ffff8881009a2cc9 by task kunit_try_catch/177
[ 10.542391]
[ 10.542489] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.542536] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.542555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.542575] Call Trace:
[ 10.542588] <TASK>
[ 10.542606] dump_stack_lvl+0x73/0xb0
[ 10.542633] print_report+0xd1/0x650
[ 10.542656] ? __virt_addr_valid+0x1db/0x2d0
[ 10.542677] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 10.542697] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.542719] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 10.542739] kasan_report+0x141/0x180
[ 10.542761] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 10.542785] __asan_report_store1_noabort+0x1b/0x30
[ 10.542805] krealloc_less_oob_helper+0xd70/0x11d0
[ 10.542827] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 10.542846] ? finish_task_switch.isra.0+0x153/0x700
[ 10.542869] ? __switch_to+0x5d9/0xf60
[ 10.542889] ? dequeue_task_fair+0x166/0x4e0
[ 10.542912] ? __schedule+0x10cc/0x2b60
[ 10.542946] ? __pfx_read_tsc+0x10/0x10
[ 10.542970] krealloc_less_oob+0x1c/0x30
[ 10.542987] kunit_try_run_case+0x1a5/0x480
[ 10.543012] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.543034] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.543056] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.543079] ? __kthread_parkme+0x82/0x180
[ 10.543100] ? preempt_count_sub+0x50/0x80
[ 10.543123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.543146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.543168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.543190] kthread+0x337/0x6f0
[ 10.543206] ? trace_preempt_on+0x20/0xc0
[ 10.543320] ? __pfx_kthread+0x10/0x10
[ 10.543358] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.543379] ? calculate_sigpending+0x7b/0xa0
[ 10.543400] ? __pfx_kthread+0x10/0x10
[ 10.543417] ret_from_fork+0x41/0x80
[ 10.543438] ? __pfx_kthread+0x10/0x10
[ 10.543455] ret_from_fork_asm+0x1a/0x30
[ 10.543486] </TASK>
[ 10.543497]
[ 10.555322] Allocated by task 177:
[ 10.555500] kasan_save_stack+0x45/0x70
[ 10.556033] kasan_save_track+0x18/0x40
[ 10.556191] kasan_save_alloc_info+0x3b/0x50
[ 10.556409] __kasan_krealloc+0x190/0x1f0
[ 10.556612] krealloc_noprof+0xf3/0x340
[ 10.557126] krealloc_less_oob_helper+0x1aa/0x11d0
[ 10.557314] krealloc_less_oob+0x1c/0x30
[ 10.557454] kunit_try_run_case+0x1a5/0x480
[ 10.557611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.557786] kthread+0x337/0x6f0
[ 10.557902] ret_from_fork+0x41/0x80
[ 10.558312] ret_from_fork_asm+0x1a/0x30
[ 10.558674]
[ 10.558748] The buggy address belongs to the object at ffff8881009a2c00
[ 10.558748] which belongs to the cache kmalloc-256 of size 256
[ 10.560099] The buggy address is located 0 bytes to the right of
[ 10.560099] allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[ 10.561061]
[ 10.561231] The buggy address belongs to the physical page:
[ 10.561765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[ 10.562198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.562778] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.562968] page_type: f5(slab)
[ 10.563094] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.563323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.563552] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.563782] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.564313] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[ 10.565135] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.565861] page dumped because: kasan: bad access detected
[ 10.566444]
[ 10.566627] Memory state around the buggy address:
[ 10.567200] ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.567867] ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.568482] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 10.569218] ^
[ 10.569739] ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.570349] ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.571044] ==================================================================
[ 10.772930] ==================================================================
[ 10.773277] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 10.773663] Write of size 1 at addr ffff8881028960eb by task kunit_try_catch/181
[ 10.774262]
[ 10.774385] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.774430] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.774442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.774462] Call Trace:
[ 10.774479] <TASK>
[ 10.774496] dump_stack_lvl+0x73/0xb0
[ 10.774521] print_report+0xd1/0x650
[ 10.774544] ? __virt_addr_valid+0x1db/0x2d0
[ 10.774565] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 10.774585] ? kasan_addr_to_slab+0x11/0xa0
[ 10.774605] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 10.774625] kasan_report+0x141/0x180
[ 10.774646] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 10.774670] __asan_report_store1_noabort+0x1b/0x30
[ 10.774691] krealloc_less_oob_helper+0xd47/0x11d0
[ 10.774713] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 10.774733] ? finish_task_switch.isra.0+0x153/0x700
[ 10.774757] ? __switch_to+0x5d9/0xf60
[ 10.774854] ? dequeue_task_fair+0x156/0x4e0
[ 10.774880] ? __schedule+0x10cc/0x2b60
[ 10.774903] ? __pfx_read_tsc+0x10/0x10
[ 10.775491] krealloc_large_less_oob+0x1c/0x30
[ 10.775524] kunit_try_run_case+0x1a5/0x480
[ 10.775553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.775575] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.775645] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.775671] ? __kthread_parkme+0x82/0x180
[ 10.775694] ? preempt_count_sub+0x50/0x80
[ 10.775753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.775778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.775801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.775823] kthread+0x337/0x6f0
[ 10.775840] ? trace_preempt_on+0x20/0xc0
[ 10.775864] ? __pfx_kthread+0x10/0x10
[ 10.775881] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.775902] ? calculate_sigpending+0x7b/0xa0
[ 10.775934] ? __pfx_kthread+0x10/0x10
[ 10.775952] ret_from_fork+0x41/0x80
[ 10.775973] ? __pfx_kthread+0x10/0x10
[ 10.775990] ret_from_fork_asm+0x1a/0x30
[ 10.776020] </TASK>
[ 10.776031]
[ 10.787335] The buggy address belongs to the physical page:
[ 10.787605] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 10.788156] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.788488] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.788929] page_type: f8(unknown)
[ 10.789121] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.789555] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.790070] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.790506] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.791009] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[ 10.791420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.791902] page dumped because: kasan: bad access detected
[ 10.792128]
[ 10.792350] Memory state around the buggy address:
[ 10.792536] ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.792904] ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.793396] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 10.793905] ^
[ 10.794268] ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.794568] ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.795039] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.845889] ==================================================================
[ 48.846317] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.846317]
[ 48.846679] Use-after-free read at 0x(____ptrval____) (in kfence-#147):
[ 48.846999] test_krealloc+0x6fc/0xbe0
[ 48.847143] kunit_try_run_case+0x1a5/0x480
[ 48.847583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.847806] kthread+0x337/0x6f0
[ 48.847970] ret_from_fork+0x41/0x80
[ 48.848133] ret_from_fork_asm+0x1a/0x30
[ 48.848298]
[ 48.848398] kfence-#147: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.848398]
[ 48.848878] allocated by task 356 on cpu 0 at 48.845121s (0.003754s ago):
[ 48.849184] test_alloc+0x364/0x10f0
[ 48.849366] test_krealloc+0xad/0xbe0
[ 48.849510] kunit_try_run_case+0x1a5/0x480
[ 48.849804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.850044] kthread+0x337/0x6f0
[ 48.850199] ret_from_fork+0x41/0x80
[ 48.850357] ret_from_fork_asm+0x1a/0x30
[ 48.850495]
[ 48.850587] freed by task 356 on cpu 0 at 48.845385s (0.005200s ago):
[ 48.850916] krealloc_noprof+0x108/0x340
[ 48.851111] test_krealloc+0x226/0xbe0
[ 48.851243] kunit_try_run_case+0x1a5/0x480
[ 48.851450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.851721] kthread+0x337/0x6f0
[ 48.851861] ret_from_fork+0x41/0x80
[ 48.852050] ret_from_fork_asm+0x1a/0x30
[ 48.852212]
[ 48.852343] CPU: 0 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 48.852818] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.852995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.853265] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.764719] ==================================================================
[ 48.765124] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.765124]
[ 48.765458] Use-after-free read at 0x(____ptrval____) (in kfence-#146):
[ 48.765701] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.765878] kunit_try_run_case+0x1a5/0x480
[ 48.766105] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.766366] kthread+0x337/0x6f0
[ 48.766600] ret_from_fork+0x41/0x80
[ 48.766957] ret_from_fork_asm+0x1a/0x30
[ 48.767308]
[ 48.767488] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.767488]
[ 48.768434] allocated by task 354 on cpu 1 at 48.741034s (0.027396s ago):
[ 48.768916] test_alloc+0x2a6/0x10f0
[ 48.769289] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.769519] kunit_try_run_case+0x1a5/0x480
[ 48.769790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.770234] kthread+0x337/0x6f0
[ 48.770415] ret_from_fork+0x41/0x80
[ 48.770768] ret_from_fork_asm+0x1a/0x30
[ 48.771080]
[ 48.771158] freed by task 354 on cpu 1 at 48.741137s (0.030018s ago):
[ 48.771543] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.771911] kunit_try_run_case+0x1a5/0x480
[ 48.772189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.772515] kthread+0x337/0x6f0
[ 48.772835] ret_from_fork+0x41/0x80
[ 48.773013] ret_from_fork_asm+0x1a/0x30
[ 48.773219]
[ 48.773533] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 48.773993] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.774201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.774824] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.584117] ==================================================================
[ 23.584719] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.584719]
[ 23.585336] Invalid read at 0x(____ptrval____):
[ 23.585570] test_invalid_access+0xf0/0x210
[ 23.585784] kunit_try_run_case+0x1a5/0x480
[ 23.586659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.587120] kthread+0x337/0x6f0
[ 23.587401] ret_from_fork+0x41/0x80
[ 23.587802] ret_from_fork_asm+0x1a/0x30
[ 23.588036]
[ 23.588356] CPU: 1 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 23.589081] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.589397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.589935] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.365331] ==================================================================
[ 23.366173] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.366173]
[ 23.366494] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#142):
[ 23.367493] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.367896] kunit_try_run_case+0x1a5/0x480
[ 23.368196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.368430] kthread+0x337/0x6f0
[ 23.368743] ret_from_fork+0x41/0x80
[ 23.368938] ret_from_fork_asm+0x1a/0x30
[ 23.369245]
[ 23.369339] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.369339]
[ 23.370010] allocated by task 344 on cpu 1 at 23.365083s (0.004924s ago):
[ 23.370328] test_alloc+0x364/0x10f0
[ 23.370500] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.371021] kunit_try_run_case+0x1a5/0x480
[ 23.371227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.371455] kthread+0x337/0x6f0
[ 23.371794] ret_from_fork+0x41/0x80
[ 23.371961] ret_from_fork_asm+0x1a/0x30
[ 23.372295]
[ 23.372387] freed by task 344 on cpu 1 at 23.365212s (0.007173s ago):
[ 23.372852] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.373100] kunit_try_run_case+0x1a5/0x480
[ 23.373295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.373522] kthread+0x337/0x6f0
[ 23.373662] ret_from_fork+0x41/0x80
[ 23.373824] ret_from_fork_asm+0x1a/0x30
[ 23.374018]
[ 23.374150] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 23.375031] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.375220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.375696] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.157297] ==================================================================
[ 23.157720] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.157720]
[ 23.158181] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#140):
[ 23.158523] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.158813] kunit_try_run_case+0x1a5/0x480
[ 23.158999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.159263] kthread+0x337/0x6f0
[ 23.159438] ret_from_fork+0x41/0x80
[ 23.159637] ret_from_fork_asm+0x1a/0x30
[ 23.159853]
[ 23.159937] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.159937]
[ 23.160370] allocated by task 342 on cpu 0 at 23.157070s (0.003298s ago):
[ 23.160700] test_alloc+0x364/0x10f0
[ 23.160881] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.161151] kunit_try_run_case+0x1a5/0x480
[ 23.161315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.161551] kthread+0x337/0x6f0
[ 23.161755] ret_from_fork+0x41/0x80
[ 23.161971] ret_from_fork_asm+0x1a/0x30
[ 23.162168]
[ 23.162295] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 23.162832] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.162974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.164044] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.645230] ==================================================================
[ 17.645666] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 17.645666]
[ 17.645987] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#87):
[ 17.646693] test_corruption+0x131/0x3e0
[ 17.646942] kunit_try_run_case+0x1a5/0x480
[ 17.647119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.647353] kthread+0x337/0x6f0
[ 17.647525] ret_from_fork+0x41/0x80
[ 17.647714] ret_from_fork_asm+0x1a/0x30
[ 17.647897]
[ 17.648005] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.648005]
[ 17.648368] allocated by task 332 on cpu 0 at 17.645082s (0.003282s ago):
[ 17.648733] test_alloc+0x2a6/0x10f0
[ 17.648903] test_corruption+0xe6/0x3e0
[ 17.649090] kunit_try_run_case+0x1a5/0x480
[ 17.649289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.649464] kthread+0x337/0x6f0
[ 17.649639] ret_from_fork+0x41/0x80
[ 17.649899] ret_from_fork_asm+0x1a/0x30
[ 17.650109]
[ 17.650189] freed by task 332 on cpu 0 at 17.645145s (0.005042s ago):
[ 17.650402] test_corruption+0x131/0x3e0
[ 17.650624] kunit_try_run_case+0x1a5/0x480
[ 17.650930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.651109] kthread+0x337/0x6f0
[ 17.651293] ret_from_fork+0x41/0x80
[ 17.651474] ret_from_fork_asm+0x1a/0x30
[ 17.651973]
[ 17.652098] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 17.652552] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.652740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.653105] ==================================================================
[ 17.125360] ==================================================================
[ 17.125953] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 17.125953]
[ 17.126294] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 17.127054] test_corruption+0x2d2/0x3e0
[ 17.127271] kunit_try_run_case+0x1a5/0x480
[ 17.127451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.127874] kthread+0x337/0x6f0
[ 17.128019] ret_from_fork+0x41/0x80
[ 17.128217] ret_from_fork_asm+0x1a/0x30
[ 17.128409]
[ 17.128508] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.128508]
[ 17.128929] allocated by task 330 on cpu 1 at 17.125092s (0.003835s ago):
[ 17.129310] test_alloc+0x364/0x10f0
[ 17.129487] test_corruption+0xe6/0x3e0
[ 17.129650] kunit_try_run_case+0x1a5/0x480
[ 17.129798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.130019] kthread+0x337/0x6f0
[ 17.130186] ret_from_fork+0x41/0x80
[ 17.130395] ret_from_fork_asm+0x1a/0x30
[ 17.130568]
[ 17.130665] freed by task 330 on cpu 1 at 17.125195s (0.005468s ago):
[ 17.130890] test_corruption+0x2d2/0x3e0
[ 17.131095] kunit_try_run_case+0x1a5/0x480
[ 17.131308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.131544] kthread+0x337/0x6f0
[ 17.131697] ret_from_fork+0x41/0x80
[ 17.131827] ret_from_fork_asm+0x1a/0x30
[ 17.132035]
[ 17.132164] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 17.132606] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.132812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.133167] ==================================================================
[ 17.957212] ==================================================================
[ 17.957708] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 17.957708]
[ 17.958059] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#90):
[ 17.958438] test_corruption+0x216/0x3e0
[ 17.958611] kunit_try_run_case+0x1a5/0x480
[ 17.958822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.959008] kthread+0x337/0x6f0
[ 17.959180] ret_from_fork+0x41/0x80
[ 17.959369] ret_from_fork_asm+0x1a/0x30
[ 17.959579]
[ 17.959671] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.959671]
[ 17.960030] allocated by task 332 on cpu 0 at 17.957064s (0.002963s ago):
[ 17.960253] test_alloc+0x2a6/0x10f0
[ 17.960443] test_corruption+0x1cb/0x3e0
[ 17.960640] kunit_try_run_case+0x1a5/0x480
[ 17.960864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.961099] kthread+0x337/0x6f0
[ 17.961225] ret_from_fork+0x41/0x80
[ 17.961413] ret_from_fork_asm+0x1a/0x30
[ 17.961616]
[ 17.961706] freed by task 332 on cpu 0 at 17.957125s (0.004578s ago):
[ 17.961963] test_corruption+0x216/0x3e0
[ 17.962146] kunit_try_run_case+0x1a5/0x480
[ 17.962355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.962590] kthread+0x337/0x6f0
[ 17.962723] ret_from_fork+0x41/0x80
[ 17.962907] ret_from_fork_asm+0x1a/0x30
[ 17.963094]
[ 17.963206] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 17.963527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.963661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.964032] ==================================================================
[ 17.437347] ==================================================================
[ 17.437795] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 17.437795]
[ 17.438094] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 17.438485] test_corruption+0x2df/0x3e0
[ 17.438695] kunit_try_run_case+0x1a5/0x480
[ 17.438880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.439130] kthread+0x337/0x6f0
[ 17.439305] ret_from_fork+0x41/0x80
[ 17.439491] ret_from_fork_asm+0x1a/0x30
[ 17.439698]
[ 17.439798] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.439798]
[ 17.440107] allocated by task 330 on cpu 1 at 17.437081s (0.003024s ago):
[ 17.440433] test_alloc+0x364/0x10f0
[ 17.440619] test_corruption+0x1cb/0x3e0
[ 17.440809] kunit_try_run_case+0x1a5/0x480
[ 17.441021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.441240] kthread+0x337/0x6f0
[ 17.441360] ret_from_fork+0x41/0x80
[ 17.441493] ret_from_fork_asm+0x1a/0x30
[ 17.441691]
[ 17.441788] freed by task 330 on cpu 1 at 17.437177s (0.004609s ago):
[ 17.442112] test_corruption+0x2df/0x3e0
[ 17.442286] kunit_try_run_case+0x1a5/0x480
[ 17.442439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.442840] kthread+0x337/0x6f0
[ 17.443010] ret_from_fork+0x41/0x80
[ 17.443189] ret_from_fork_asm+0x1a/0x30
[ 17.443371]
[ 17.443470] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 17.443803] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.444012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.444503] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 16.917232] ==================================================================
[ 16.917695] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 16.917695]
[ 16.918064] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 16.918352] test_invalid_addr_free+0xfb/0x260
[ 16.918538] kunit_try_run_case+0x1a5/0x480
[ 16.918726] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.918968] kthread+0x337/0x6f0
[ 16.919144] ret_from_fork+0x41/0x80
[ 16.919329] ret_from_fork_asm+0x1a/0x30
[ 16.919505]
[ 16.919577] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.919577]
[ 16.919992] allocated by task 328 on cpu 0 at 16.917103s (0.002886s ago):
[ 16.920281] test_alloc+0x2a6/0x10f0
[ 16.920445] test_invalid_addr_free+0xdb/0x260
[ 16.920597] kunit_try_run_case+0x1a5/0x480
[ 16.920853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.921116] kthread+0x337/0x6f0
[ 16.921246] ret_from_fork+0x41/0x80
[ 16.921376] ret_from_fork_asm+0x1a/0x30
[ 16.921638]
[ 16.921761] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.922231] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.922435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.922831] ==================================================================
[ 16.813499] ==================================================================
[ 16.813951] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 16.813951]
[ 16.814302] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 16.814587] test_invalid_addr_free+0x1e1/0x260
[ 16.814837] kunit_try_run_case+0x1a5/0x480
[ 16.815070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.815328] kthread+0x337/0x6f0
[ 16.815495] ret_from_fork+0x41/0x80
[ 16.815683] ret_from_fork_asm+0x1a/0x30
[ 16.815851]
[ 16.815960] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.815960]
[ 16.816404] allocated by task 326 on cpu 1 at 16.813353s (0.003048s ago):
[ 16.816892] test_alloc+0x364/0x10f0
[ 16.817093] test_invalid_addr_free+0xdb/0x260
[ 16.817285] kunit_try_run_case+0x1a5/0x480
[ 16.817477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.818218] kthread+0x337/0x6f0
[ 16.818582] ret_from_fork+0x41/0x80
[ 16.818893] ret_from_fork_asm+0x1a/0x30
[ 16.819254]
[ 16.819385] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.819872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.820112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.820481] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 16.709404] ==================================================================
[ 16.710012] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 16.710012]
[ 16.710390] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 16.710724] test_double_free+0x112/0x260
[ 16.710909] kunit_try_run_case+0x1a5/0x480
[ 16.711155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.711404] kthread+0x337/0x6f0
[ 16.711568] ret_from_fork+0x41/0x80
[ 16.711734] ret_from_fork_asm+0x1a/0x30
[ 16.711877]
[ 16.711985] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.711985]
[ 16.712414] allocated by task 324 on cpu 1 at 16.709108s (0.003303s ago):
[ 16.712688] test_alloc+0x2a6/0x10f0
[ 16.712903] test_double_free+0xdb/0x260
[ 16.713113] kunit_try_run_case+0x1a5/0x480
[ 16.713290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.713558] kthread+0x337/0x6f0
[ 16.713769] ret_from_fork+0x41/0x80
[ 16.713970] ret_from_fork_asm+0x1a/0x30
[ 16.714132]
[ 16.714249] freed by task 324 on cpu 1 at 16.709172s (0.005075s ago):
[ 16.714548] test_double_free+0xfa/0x260
[ 16.714752] kunit_try_run_case+0x1a5/0x480
[ 16.714977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.715161] kthread+0x337/0x6f0
[ 16.715323] ret_from_fork+0x41/0x80
[ 16.715512] ret_from_fork_asm+0x1a/0x30
[ 16.715700]
[ 16.715826] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.716487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.716649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.717000] ==================================================================
[ 16.605332] ==================================================================
[ 16.605876] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 16.605876]
[ 16.606188] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 16.606487] test_double_free+0x1d3/0x260
[ 16.606677] kunit_try_run_case+0x1a5/0x480
[ 16.606894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.607119] kthread+0x337/0x6f0
[ 16.607299] ret_from_fork+0x41/0x80
[ 16.607444] ret_from_fork_asm+0x1a/0x30
[ 16.607678]
[ 16.607754] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.607754]
[ 16.608118] allocated by task 322 on cpu 0 at 16.605085s (0.003030s ago):
[ 16.608398] test_alloc+0x364/0x10f0
[ 16.608529] test_double_free+0xdb/0x260
[ 16.609104] kunit_try_run_case+0x1a5/0x480
[ 16.609349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.609629] kthread+0x337/0x6f0
[ 16.609752] ret_from_fork+0x41/0x80
[ 16.609889] ret_from_fork_asm+0x1a/0x30
[ 16.610071]
[ 16.610169] freed by task 322 on cpu 0 at 16.605142s (0.005025s ago):
[ 16.610463] test_double_free+0x1e0/0x260
[ 16.610708] kunit_try_run_case+0x1a5/0x480
[ 16.610857] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.611044] kthread+0x337/0x6f0
[ 16.611215] ret_from_fork+0x41/0x80
[ 16.611398] ret_from_fork_asm+0x1a/0x30
[ 16.611577]
[ 16.611683] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.612331] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.612526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.612934] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.293241] ==================================================================
[ 16.293734] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.293734]
[ 16.294227] Use-after-free read at 0x(____ptrval____) (in kfence-#74):
[ 16.294485] test_use_after_free_read+0x129/0x270
[ 16.295196] kunit_try_run_case+0x1a5/0x480
[ 16.295613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.295848] kthread+0x337/0x6f0
[ 16.296028] ret_from_fork+0x41/0x80
[ 16.296200] ret_from_fork_asm+0x1a/0x30
[ 16.296398]
[ 16.296495] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.296495]
[ 16.297256] allocated by task 316 on cpu 1 at 16.293092s (0.004160s ago):
[ 16.297649] test_alloc+0x2a6/0x10f0
[ 16.297883] test_use_after_free_read+0xdc/0x270
[ 16.298174] kunit_try_run_case+0x1a5/0x480
[ 16.298359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.298708] kthread+0x337/0x6f0
[ 16.298958] ret_from_fork+0x41/0x80
[ 16.299114] ret_from_fork_asm+0x1a/0x30
[ 16.299435]
[ 16.299516] freed by task 316 on cpu 1 at 16.293149s (0.006365s ago):
[ 16.299969] test_use_after_free_read+0xfb/0x270
[ 16.300192] kunit_try_run_case+0x1a5/0x480
[ 16.300400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.300861] kthread+0x337/0x6f0
[ 16.301016] ret_from_fork+0x41/0x80
[ 16.301330] ret_from_fork_asm+0x1a/0x30
[ 16.301501]
[ 16.301735] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.302276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.302542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.302932] ==================================================================
[ 16.189341] ==================================================================
[ 16.189890] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.189890]
[ 16.190299] Use-after-free read at 0x(____ptrval____) (in kfence-#73):
[ 16.190575] test_use_after_free_read+0x129/0x270
[ 16.190762] kunit_try_run_case+0x1a5/0x480
[ 16.191123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.191419] kthread+0x337/0x6f0
[ 16.191551] ret_from_fork+0x41/0x80
[ 16.191741] ret_from_fork_asm+0x1a/0x30
[ 16.191910]
[ 16.192019] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.192019]
[ 16.192396] allocated by task 314 on cpu 0 at 16.189100s (0.003294s ago):
[ 16.192756] test_alloc+0x364/0x10f0
[ 16.192960] test_use_after_free_read+0xdc/0x270
[ 16.193111] kunit_try_run_case+0x1a5/0x480
[ 16.193258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.193670] kthread+0x337/0x6f0
[ 16.193866] ret_from_fork+0x41/0x80
[ 16.194069] ret_from_fork_asm+0x1a/0x30
[ 16.194278]
[ 16.194494] freed by task 314 on cpu 0 at 16.189178s (0.005210s ago):
[ 16.195085] test_use_after_free_read+0x1e7/0x270
[ 16.195316] kunit_try_run_case+0x1a5/0x480
[ 16.195535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.195711] kthread+0x337/0x6f0
[ 16.195828] ret_from_fork+0x41/0x80
[ 16.195973] ret_from_fork_asm+0x1a/0x30
[ 16.196289]
[ 16.196533] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.196983] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.197231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.197574] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.085138] ==================================================================
[ 16.085542] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.085542]
[ 16.086074] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#72):
[ 16.086421] test_out_of_bounds_write+0x10d/0x260
[ 16.086692] kunit_try_run_case+0x1a5/0x480
[ 16.086889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.087134] kthread+0x337/0x6f0
[ 16.087309] ret_from_fork+0x41/0x80
[ 16.087461] ret_from_fork_asm+0x1a/0x30
[ 16.087600]
[ 16.087671] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.087671]
[ 16.088106] allocated by task 312 on cpu 0 at 16.085071s (0.003032s ago):
[ 16.088523] test_alloc+0x2a6/0x10f0
[ 16.088734] test_out_of_bounds_write+0xd4/0x260
[ 16.088890] kunit_try_run_case+0x1a5/0x480
[ 16.089133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.089386] kthread+0x337/0x6f0
[ 16.089573] ret_from_fork+0x41/0x80
[ 16.089784] ret_from_fork_asm+0x1a/0x30
[ 16.089983]
[ 16.090083] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 16.090610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.090826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.091177] ==================================================================
[ 15.877232] ==================================================================
[ 15.877650] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 15.877650]
[ 15.878064] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70):
[ 15.878396] test_out_of_bounds_write+0x10d/0x260
[ 15.878625] kunit_try_run_case+0x1a5/0x480
[ 15.878818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.879027] kthread+0x337/0x6f0
[ 15.879151] ret_from_fork+0x41/0x80
[ 15.879285] ret_from_fork_asm+0x1a/0x30
[ 15.879465]
[ 15.879564] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.879564]
[ 15.880012] allocated by task 310 on cpu 1 at 15.877098s (0.002911s ago):
[ 15.880347] test_alloc+0x364/0x10f0
[ 15.880521] test_out_of_bounds_write+0xd4/0x260
[ 15.880774] kunit_try_run_case+0x1a5/0x480
[ 15.880979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.881188] kthread+0x337/0x6f0
[ 15.881359] ret_from_fork+0x41/0x80
[ 15.881545] ret_from_fork_asm+0x1a/0x30
[ 15.881710]
[ 15.881834] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 15.882258] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.882454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.882799] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.773142] ==================================================================
[ 15.773555] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.773555]
[ 15.773997] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#69):
[ 15.774301] test_out_of_bounds_read+0x216/0x4e0
[ 15.774528] kunit_try_run_case+0x1a5/0x480
[ 15.774824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.775072] kthread+0x337/0x6f0
[ 15.775215] ret_from_fork+0x41/0x80
[ 15.775352] ret_from_fork_asm+0x1a/0x30
[ 15.775494]
[ 15.775567] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.775567]
[ 15.775981] allocated by task 308 on cpu 1 at 15.773080s (0.002899s ago):
[ 15.776291] test_alloc+0x2a6/0x10f0
[ 15.776425] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.776670] kunit_try_run_case+0x1a5/0x480
[ 15.776882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.777128] kthread+0x337/0x6f0
[ 15.777289] ret_from_fork+0x41/0x80
[ 15.777448] ret_from_fork_asm+0x1a/0x30
[ 15.777656]
[ 15.777753] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 15.778110] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.778307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.778713] ==================================================================

[ 15.357387] ==================================================================
[ 15.357969] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.357969]
[ 15.358458] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 15.358847] test_out_of_bounds_read+0x216/0x4e0
[ 15.359026] kunit_try_run_case+0x1a5/0x480
[ 15.359243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.359498] kthread+0x337/0x6f0
[ 15.359725] ret_from_fork+0x41/0x80
[ 15.359933] ret_from_fork_asm+0x1a/0x30
[ 15.360143]
[ 15.360242] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.360242]
[ 15.360662] allocated by task 306 on cpu 0 at 15.357124s (0.003535s ago):
[ 15.360886] test_alloc+0x364/0x10f0
[ 15.361168] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.361456] kunit_try_run_case+0x1a5/0x480
[ 15.361735] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.361941] kthread+0x337/0x6f0
[ 15.362152] ret_from_fork+0x41/0x80
[ 15.362356] ret_from_fork_asm+0x1a/0x30
[ 15.362543]
[ 15.362709] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 15.363182] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.363412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.363839] ==================================================================

[ 15.150153] ==================================================================
[ 15.150618] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.150618]
[ 15.151194] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63):
[ 15.151720] test_out_of_bounds_read+0x126/0x4e0
[ 15.151986] kunit_try_run_case+0x1a5/0x480
[ 15.152209] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.152430] kthread+0x337/0x6f0
[ 15.152582] ret_from_fork+0x41/0x80
[ 15.152774] ret_from_fork_asm+0x1a/0x30
[ 15.153017]
[ 15.153274] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.153274]
[ 15.153822] allocated by task 306 on cpu 0 at 15.149084s (0.004656s ago):
[ 15.154418] test_alloc+0x364/0x10f0
[ 15.154658] test_out_of_bounds_read+0xed/0x4e0
[ 15.154868] kunit_try_run_case+0x1a5/0x480
[ 15.155077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.155341] kthread+0x337/0x6f0
[ 15.155535] ret_from_fork+0x41/0x80
[ 15.155727] ret_from_fork_asm+0x1a/0x30
[ 15.155979]
[ 15.156154] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 15.156660] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.156861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.157278] ==================================================================

[ 15.461212] ==================================================================
[ 15.461692] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.461692]
[ 15.462164] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66):
[ 15.462473] test_out_of_bounds_read+0x126/0x4e0
[ 15.463297] kunit_try_run_case+0x1a5/0x480
[ 15.463654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.464014] kthread+0x337/0x6f0
[ 15.464181] ret_from_fork+0x41/0x80
[ 15.464360] ret_from_fork_asm+0x1a/0x30
[ 15.464553]
[ 15.464871] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.464871]
[ 15.465343] allocated by task 308 on cpu 1 at 15.461142s (0.004198s ago):
[ 15.465888] test_alloc+0x2a6/0x10f0
[ 15.466078] test_out_of_bounds_read+0xed/0x4e0
[ 15.466293] kunit_try_run_case+0x1a5/0x480
[ 15.466495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.466983] kthread+0x337/0x6f0
[ 15.467224] ret_from_fork+0x41/0x80
[ 15.467397] ret_from_fork_asm+0x1a/0x30
[ 15.467723]
[ 15.467849] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 15.468481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.468767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.469214] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 14.939327] ==================================================================
[ 14.939773] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 14.940481] Write of size 1 at addr ffff888102f60f78 by task kunit_try_catch/304
[ 14.940882]
[ 14.941096] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.941159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.941172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.941196] Call Trace:
[ 14.941259] <TASK>
[ 14.941279] dump_stack_lvl+0x73/0xb0
[ 14.941357] print_report+0xd1/0x650
[ 14.941382] ? __virt_addr_valid+0x1db/0x2d0
[ 14.941417] ? strncpy_from_user+0x1a5/0x1d0
[ 14.941443] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.941467] ? strncpy_from_user+0x1a5/0x1d0
[ 14.941490] kasan_report+0x141/0x180
[ 14.941514] ? strncpy_from_user+0x1a5/0x1d0
[ 14.941542] __asan_report_store1_noabort+0x1b/0x30
[ 14.941585] strncpy_from_user+0x1a5/0x1d0
[ 14.941612] copy_user_test_oob+0x760/0x10f0
[ 14.941638] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.941658] ? finish_task_switch.isra.0+0x153/0x700
[ 14.941685] ? __switch_to+0x5d9/0xf60
[ 14.941707] ? dequeue_task_fair+0x166/0x4e0
[ 14.941733] ? __schedule+0x10cc/0x2b60
[ 14.941757] ? __pfx_read_tsc+0x10/0x10
[ 14.941778] ? ktime_get_ts64+0x86/0x230
[ 14.941805] kunit_try_run_case+0x1a5/0x480
[ 14.941831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.941855] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.941880] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.941905] ? __kthread_parkme+0x82/0x180
[ 14.941938] ? preempt_count_sub+0x50/0x80
[ 14.941963] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.941987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.942011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.942035] kthread+0x337/0x6f0
[ 14.942052] ? trace_preempt_on+0x20/0xc0
[ 14.942077] ? __pfx_kthread+0x10/0x10
[ 14.942095] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.942118] ? calculate_sigpending+0x7b/0xa0
[ 14.942142] ? __pfx_kthread+0x10/0x10
[ 14.942161] ret_from_fork+0x41/0x80
[ 14.942183] ? __pfx_kthread+0x10/0x10
[ 14.942202] ret_from_fork_asm+0x1a/0x30
[ 14.942234] </TASK>
[ 14.942246]
[ 14.950945] Allocated by task 304:
[ 14.951151] kasan_save_stack+0x45/0x70
[ 14.951354] kasan_save_track+0x18/0x40
[ 14.951542] kasan_save_alloc_info+0x3b/0x50
[ 14.951835] __kasan_kmalloc+0xb7/0xc0
[ 14.952059] __kmalloc_noprof+0x1c9/0x500
[ 14.952249] kunit_kmalloc_array+0x25/0x60
[ 14.952502] copy_user_test_oob+0xab/0x10f0
[ 14.952786] kunit_try_run_case+0x1a5/0x480
[ 14.953006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.953278] kthread+0x337/0x6f0
[ 14.953398] ret_from_fork+0x41/0x80
[ 14.953527] ret_from_fork_asm+0x1a/0x30
[ 14.953741]
[ 14.953897] The buggy address belongs to the object at ffff888102f60f00
[ 14.953897] which belongs to the cache kmalloc-128 of size 128
[ 14.954605] The buggy address is located 0 bytes to the right of
[ 14.954605] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.955068]
[ 14.955158] The buggy address belongs to the physical page:
[ 14.955410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.955940] flags: 0x200000000000000(node=0|zone=2)
[ 14.956225] page_type: f5(slab)
[ 14.956407] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.956712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.957036] page dumped because: kasan: bad access detected
[ 14.957276]
[ 14.957358] Memory state around the buggy address:
[ 14.957635] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.957861] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.958178] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.958603] ^
[ 14.958869] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.959231] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.959521] ==================================================================

[ 14.918132] ==================================================================
[ 14.918456] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 14.918894] Write of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.919264]
[ 14.919458] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.919509] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.919522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.919545] Call Trace:
[ 14.919587] <TASK>
[ 14.919662] dump_stack_lvl+0x73/0xb0
[ 14.919707] print_report+0xd1/0x650
[ 14.919732] ? __virt_addr_valid+0x1db/0x2d0
[ 14.919755] ? strncpy_from_user+0x2e/0x1d0
[ 14.919778] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.919802] ? strncpy_from_user+0x2e/0x1d0
[ 14.919825] kasan_report+0x141/0x180
[ 14.919849] ? strncpy_from_user+0x2e/0x1d0
[ 14.919877] kasan_check_range+0x10c/0x1c0
[ 14.919898] __kasan_check_write+0x18/0x20
[ 14.919928] strncpy_from_user+0x2e/0x1d0
[ 14.919950] ? __kasan_check_read+0x15/0x20
[ 14.919974] copy_user_test_oob+0x760/0x10f0
[ 14.919999] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.920020] ? finish_task_switch.isra.0+0x153/0x700
[ 14.920048] ? __switch_to+0x5d9/0xf60
[ 14.920070] ? dequeue_task_fair+0x166/0x4e0
[ 14.920096] ? __schedule+0x10cc/0x2b60
[ 14.920121] ? __pfx_read_tsc+0x10/0x10
[ 14.920142] ? ktime_get_ts64+0x86/0x230
[ 14.920169] kunit_try_run_case+0x1a5/0x480
[ 14.920195] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.920218] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.920248] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.920273] ? __kthread_parkme+0x82/0x180
[ 14.920296] ? preempt_count_sub+0x50/0x80
[ 14.920322] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.920345] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.920369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.920392] kthread+0x337/0x6f0
[ 14.920410] ? trace_preempt_on+0x20/0xc0
[ 14.920435] ? __pfx_kthread+0x10/0x10
[ 14.920453] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.920476] ? calculate_sigpending+0x7b/0xa0
[ 14.920499] ? __pfx_kthread+0x10/0x10
[ 14.920519] ret_from_fork+0x41/0x80
[ 14.920541] ? __pfx_kthread+0x10/0x10
[ 14.920579] ret_from_fork_asm+0x1a/0x30
[ 14.920610] </TASK>
[ 14.920622]
[ 14.929426] Allocated by task 304:
[ 14.929634] kasan_save_stack+0x45/0x70
[ 14.929937] kasan_save_track+0x18/0x40
[ 14.930133] kasan_save_alloc_info+0x3b/0x50
[ 14.930342] __kasan_kmalloc+0xb7/0xc0
[ 14.930515] __kmalloc_noprof+0x1c9/0x500
[ 14.930802] kunit_kmalloc_array+0x25/0x60
[ 14.930959] copy_user_test_oob+0xab/0x10f0
[ 14.931242] kunit_try_run_case+0x1a5/0x480
[ 14.931536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.931785] kthread+0x337/0x6f0
[ 14.931994] ret_from_fork+0x41/0x80
[ 14.932212] ret_from_fork_asm+0x1a/0x30
[ 14.932456]
[ 14.932565] The buggy address belongs to the object at ffff888102f60f00
[ 14.932565] which belongs to the cache kmalloc-128 of size 128
[ 14.933186] The buggy address is located 0 bytes inside of
[ 14.933186] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.933701]
[ 14.933906] The buggy address belongs to the physical page:
[ 14.934178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.934534] flags: 0x200000000000000(node=0|zone=2)
[ 14.934852] page_type: f5(slab)
[ 14.935037] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.935430] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.935814] page dumped because: kasan: bad access detected
[ 14.936036]
[ 14.936126] Memory state around the buggy address:
[ 14.936285] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.936674] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.936935] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.937251] ^
[ 14.937689] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.937951] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.938261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 14.855259] ==================================================================
[ 14.855514] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 14.855966] Read of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.856324]
[ 14.856457] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.856607] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.856622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.856645] Call Trace:
[ 14.856676] <TASK>
[ 14.856696] dump_stack_lvl+0x73/0xb0
[ 14.856723] print_report+0xd1/0x650
[ 14.856747] ? __virt_addr_valid+0x1db/0x2d0
[ 14.856770] ? copy_user_test_oob+0x4aa/0x10f0
[ 14.856790] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.856815] ? copy_user_test_oob+0x4aa/0x10f0
[ 14.856836] kasan_report+0x141/0x180
[ 14.856859] ? copy_user_test_oob+0x4aa/0x10f0
[ 14.856885] kasan_check_range+0x10c/0x1c0
[ 14.856906] __kasan_check_read+0x15/0x20
[ 14.856935] copy_user_test_oob+0x4aa/0x10f0
[ 14.856959] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.856979] ? finish_task_switch.isra.0+0x153/0x700
[ 14.857006] ? __switch_to+0x5d9/0xf60
[ 14.857028] ? dequeue_task_fair+0x166/0x4e0
[ 14.857054] ? __schedule+0x10cc/0x2b60
[ 14.857077] ? __pfx_read_tsc+0x10/0x10
[ 14.857099] ? ktime_get_ts64+0x86/0x230
[ 14.857125] kunit_try_run_case+0x1a5/0x480
[ 14.857152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.857176] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.857202] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.857226] ? __kthread_parkme+0x82/0x180
[ 14.857249] ? preempt_count_sub+0x50/0x80
[ 14.857275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.857300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.857324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.857348] kthread+0x337/0x6f0
[ 14.857365] ? trace_preempt_on+0x20/0xc0
[ 14.857390] ? __pfx_kthread+0x10/0x10
[ 14.857409] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.857431] ? calculate_sigpending+0x7b/0xa0
[ 14.857455] ? __pfx_kthread+0x10/0x10
[ 14.857473] ret_from_fork+0x41/0x80
[ 14.857495] ? __pfx_kthread+0x10/0x10
[ 14.857514] ret_from_fork_asm+0x1a/0x30
[ 14.857596] </TASK>
[ 14.857609]
[ 14.866093] Allocated by task 304:
[ 14.866298] kasan_save_stack+0x45/0x70
[ 14.866619] kasan_save_track+0x18/0x40
[ 14.866838] kasan_save_alloc_info+0x3b/0x50
[ 14.867096] __kasan_kmalloc+0xb7/0xc0
[ 14.867352] __kmalloc_noprof+0x1c9/0x500
[ 14.867603] kunit_kmalloc_array+0x25/0x60
[ 14.867754] copy_user_test_oob+0xab/0x10f0
[ 14.867929] kunit_try_run_case+0x1a5/0x480
[ 14.868179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.868513] kthread+0x337/0x6f0
[ 14.868754] ret_from_fork+0x41/0x80
[ 14.868959] ret_from_fork_asm+0x1a/0x30
[ 14.869210]
[ 14.869322] The buggy address belongs to the object at ffff888102f60f00
[ 14.869322] which belongs to the cache kmalloc-128 of size 128
[ 14.869791] The buggy address is located 0 bytes inside of
[ 14.869791] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.870493]
[ 14.870623] The buggy address belongs to the physical page:
[ 14.870908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.871274] flags: 0x200000000000000(node=0|zone=2)
[ 14.871644] page_type: f5(slab)
[ 14.871870] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.872164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.872498] page dumped because: kasan: bad access detected
[ 14.872748]
[ 14.872827] Memory state around the buggy address:
[ 14.873051] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.873358] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.873661] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.874026] ^
[ 14.874256] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.874545] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.875019] ==================================================================

[ 14.896987] ==================================================================
[ 14.897426] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 14.897825] Read of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.898135]
[ 14.898253] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.898302] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.898315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.898338] Call Trace:
[ 14.898359] <TASK>
[ 14.898380] dump_stack_lvl+0x73/0xb0
[ 14.898405] print_report+0xd1/0x650
[ 14.898430] ? __virt_addr_valid+0x1db/0x2d0
[ 14.898454] ? copy_user_test_oob+0x604/0x10f0
[ 14.898477] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.898501] ? copy_user_test_oob+0x604/0x10f0
[ 14.898522] kasan_report+0x141/0x180
[ 14.898545] ? copy_user_test_oob+0x604/0x10f0
[ 14.898649] kasan_check_range+0x10c/0x1c0
[ 14.898671] __kasan_check_read+0x15/0x20
[ 14.898703] copy_user_test_oob+0x604/0x10f0
[ 14.898727] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.898747] ? finish_task_switch.isra.0+0x153/0x700
[ 14.898775] ? __switch_to+0x5d9/0xf60
[ 14.898802] ? dequeue_task_fair+0x166/0x4e0
[ 14.898831] ? __schedule+0x10cc/0x2b60
[ 14.898858] ? __pfx_read_tsc+0x10/0x10
[ 14.898880] ? ktime_get_ts64+0x86/0x230
[ 14.898906] kunit_try_run_case+0x1a5/0x480
[ 14.898943] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.898966] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.898992] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.899017] ? __kthread_parkme+0x82/0x180
[ 14.899042] ? preempt_count_sub+0x50/0x80
[ 14.899068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.899093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.899118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.899142] kthread+0x337/0x6f0
[ 14.899159] ? trace_preempt_on+0x20/0xc0
[ 14.899184] ? __pfx_kthread+0x10/0x10
[ 14.899202] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.899224] ? calculate_sigpending+0x7b/0xa0
[ 14.899248] ? __pfx_kthread+0x10/0x10
[ 14.899267] ret_from_fork+0x41/0x80
[ 14.899289] ? __pfx_kthread+0x10/0x10
[ 14.899308] ret_from_fork_asm+0x1a/0x30
[ 14.899339] </TASK>
[ 14.899351]
[ 14.908283] Allocated by task 304:
[ 14.908535] kasan_save_stack+0x45/0x70
[ 14.908812] kasan_save_track+0x18/0x40
[ 14.908994] kasan_save_alloc_info+0x3b/0x50
[ 14.909144] __kasan_kmalloc+0xb7/0xc0
[ 14.909451] __kmalloc_noprof+0x1c9/0x500
[ 14.909676] kunit_kmalloc_array+0x25/0x60
[ 14.909940] copy_user_test_oob+0xab/0x10f0
[ 14.910112] kunit_try_run_case+0x1a5/0x480
[ 14.910323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.910719] kthread+0x337/0x6f0
[ 14.910875] ret_from_fork+0x41/0x80
[ 14.911132] ret_from_fork_asm+0x1a/0x30
[ 14.911373]
[ 14.911477] The buggy address belongs to the object at ffff888102f60f00
[ 14.911477] which belongs to the cache kmalloc-128 of size 128
[ 14.912129] The buggy address is located 0 bytes inside of
[ 14.912129] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.912715]
[ 14.912818] The buggy address belongs to the physical page:
[ 14.913064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.913390] flags: 0x200000000000000(node=0|zone=2)
[ 14.913676] page_type: f5(slab)
[ 14.913805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.914155] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.914639] page dumped because: kasan: bad access detected
[ 14.914835]
[ 14.914936] Memory state around the buggy address:
[ 14.915289] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.915582] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.915911] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.916295] ^
[ 14.916617] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.916865] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.917204] ==================================================================

[ 14.834892] ==================================================================
[ 14.835286] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 14.835734] Write of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.836153]
[ 14.836256] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.836308] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.836323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.836413] Call Trace:
[ 14.836466] <TASK>
[ 14.836488] dump_stack_lvl+0x73/0xb0
[ 14.836515] print_report+0xd1/0x650
[ 14.836540] ? __virt_addr_valid+0x1db/0x2d0
[ 14.836586] ? copy_user_test_oob+0x3fd/0x10f0
[ 14.836607] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.836631] ? copy_user_test_oob+0x3fd/0x10f0
[ 14.836652] kasan_report+0x141/0x180
[ 14.836676] ? copy_user_test_oob+0x3fd/0x10f0
[ 14.836702] kasan_check_range+0x10c/0x1c0
[ 14.836723] __kasan_check_write+0x18/0x20
[ 14.836743] copy_user_test_oob+0x3fd/0x10f0
[ 14.836766] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.836787] ? finish_task_switch.isra.0+0x153/0x700
[ 14.836814] ? __switch_to+0x5d9/0xf60
[ 14.836838] ? dequeue_task_fair+0x166/0x4e0
[ 14.836864] ? __schedule+0x10cc/0x2b60
[ 14.836888] ? __pfx_read_tsc+0x10/0x10
[ 14.836910] ? ktime_get_ts64+0x86/0x230
[ 14.836946] kunit_try_run_case+0x1a5/0x480
[ 14.836973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.836996] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.837022] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.837047] ? __kthread_parkme+0x82/0x180
[ 14.837070] ? preempt_count_sub+0x50/0x80
[ 14.837095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.837119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.837144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.837167] kthread+0x337/0x6f0
[ 14.837185] ? trace_preempt_on+0x20/0xc0
[ 14.837210] ? __pfx_kthread+0x10/0x10
[ 14.837229] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.837252] ? calculate_sigpending+0x7b/0xa0
[ 14.837274] ? __pfx_kthread+0x10/0x10
[ 14.837293] ret_from_fork+0x41/0x80
[ 14.837315] ? __pfx_kthread+0x10/0x10
[ 14.837333] ret_from_fork_asm+0x1a/0x30
[ 14.837364] </TASK>
[ 14.837376]
[ 14.845749] Allocated by task 304:
[ 14.845895] kasan_save_stack+0x45/0x70
[ 14.846107] kasan_save_track+0x18/0x40
[ 14.846442] kasan_save_alloc_info+0x3b/0x50
[ 14.846763] __kasan_kmalloc+0xb7/0xc0
[ 14.846965] __kmalloc_noprof+0x1c9/0x500
[ 14.847135] kunit_kmalloc_array+0x25/0x60
[ 14.847340] copy_user_test_oob+0xab/0x10f0
[ 14.847481] kunit_try_run_case+0x1a5/0x480
[ 14.847825] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.848126] kthread+0x337/0x6f0
[ 14.848278] ret_from_fork+0x41/0x80
[ 14.848409] ret_from_fork_asm+0x1a/0x30
[ 14.848725]
[ 14.848859] The buggy address belongs to the object at ffff888102f60f00
[ 14.848859] which belongs to the cache kmalloc-128 of size 128
[ 14.849435] The buggy address is located 0 bytes inside of
[ 14.849435] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.850036]
[ 14.850157] The buggy address belongs to the physical page:
[ 14.850403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.850823] flags: 0x200000000000000(node=0|zone=2)
[ 14.851077] page_type: f5(slab)
[ 14.851228] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.851526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.851863] page dumped because: kasan: bad access detected
[ 14.852097]
[ 14.852190] Memory state around the buggy address:
[ 14.852512] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.852860] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.853107] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.853523] ^
[ 14.853846] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.854208] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.854521] ==================================================================

[ 14.875709] ==================================================================
[ 14.876240] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 14.876639] Write of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.876978]
[ 14.877165] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.877216] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.877229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.877252] Call Trace:
[ 14.877274] <TASK>
[ 14.877295] dump_stack_lvl+0x73/0xb0
[ 14.877385] print_report+0xd1/0x650
[ 14.877422] ? __virt_addr_valid+0x1db/0x2d0
[ 14.877446] ? copy_user_test_oob+0x557/0x10f0
[ 14.877467] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.877492] ? copy_user_test_oob+0x557/0x10f0
[ 14.877513] kasan_report+0x141/0x180
[ 14.877536] ? copy_user_test_oob+0x557/0x10f0
[ 14.877583] kasan_check_range+0x10c/0x1c0
[ 14.877605] __kasan_check_write+0x18/0x20
[ 14.877626] copy_user_test_oob+0x557/0x10f0
[ 14.877648] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.877669] ? finish_task_switch.isra.0+0x153/0x700
[ 14.877696] ? __switch_to+0x5d9/0xf60
[ 14.877719] ? dequeue_task_fair+0x166/0x4e0
[ 14.877744] ? __schedule+0x10cc/0x2b60
[ 14.877769] ? __pfx_read_tsc+0x10/0x10
[ 14.877790] ? ktime_get_ts64+0x86/0x230
[ 14.877817] kunit_try_run_case+0x1a5/0x480
[ 14.877844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.877867] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.877892] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.877926] ? __kthread_parkme+0x82/0x180
[ 14.877949] ? preempt_count_sub+0x50/0x80
[ 14.877975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.877999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.878024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.878048] kthread+0x337/0x6f0
[ 14.878066] ? trace_preempt_on+0x20/0xc0
[ 14.878090] ? __pfx_kthread+0x10/0x10
[ 14.878108] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.878131] ? calculate_sigpending+0x7b/0xa0
[ 14.878153] ? __pfx_kthread+0x10/0x10
[ 14.878172] ret_from_fork+0x41/0x80
[ 14.878196] ? __pfx_kthread+0x10/0x10
[ 14.878215] ret_from_fork_asm+0x1a/0x30
[ 14.878247] </TASK>
[ 14.878259]
[ 14.887325] Allocated by task 304:
[ 14.887515] kasan_save_stack+0x45/0x70
[ 14.887691] kasan_save_track+0x18/0x40
[ 14.887891] kasan_save_alloc_info+0x3b/0x50
[ 14.888110] __kasan_kmalloc+0xb7/0xc0
[ 14.888302] __kmalloc_noprof+0x1c9/0x500
[ 14.888496] kunit_kmalloc_array+0x25/0x60
[ 14.888751] copy_user_test_oob+0xab/0x10f0
[ 14.888900] kunit_try_run_case+0x1a5/0x480
[ 14.889119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.889485] kthread+0x337/0x6f0
[ 14.889742] ret_from_fork+0x41/0x80
[ 14.889962] ret_from_fork_asm+0x1a/0x30
[ 14.890156]
[ 14.890256] The buggy address belongs to the object at ffff888102f60f00
[ 14.890256] which belongs to the cache kmalloc-128 of size 128
[ 14.890795] The buggy address is located 0 bytes inside of
[ 14.890795] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.891411]
[ 14.891512] The buggy address belongs to the physical page:
[ 14.891840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.892222] flags: 0x200000000000000(node=0|zone=2)
[ 14.892494] page_type: f5(slab)
[ 14.892747] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.893121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.893461] page dumped because: kasan: bad access detected
[ 14.893727]
[ 14.893913] Memory state around the buggy address:
[ 14.894181] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.894462] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.894889] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.895236] ^
[ 14.895532] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.895875] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.896234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 14.809682] ==================================================================
[ 14.810050] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 14.810399] Read of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.810796]
[ 14.810966] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.811051] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.811124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.811150] Call Trace:
[ 14.811178] <TASK>
[ 14.811198] dump_stack_lvl+0x73/0xb0
[ 14.811227] print_report+0xd1/0x650
[ 14.811254] ? __virt_addr_valid+0x1db/0x2d0
[ 14.811277] ? _copy_to_user+0x4a/0x70
[ 14.811297] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.811321] ? _copy_to_user+0x4a/0x70
[ 14.811341] kasan_report+0x141/0x180
[ 14.811366] ? _copy_to_user+0x4a/0x70
[ 14.811391] kasan_check_range+0x10c/0x1c0
[ 14.811412] __kasan_check_read+0x15/0x20
[ 14.811433] _copy_to_user+0x4a/0x70
[ 14.811453] copy_user_test_oob+0x364/0x10f0
[ 14.811477] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.811497] ? finish_task_switch.isra.0+0x153/0x700
[ 14.811522] ? __switch_to+0x5d9/0xf60
[ 14.811544] ? dequeue_task_fair+0x166/0x4e0
[ 14.811592] ? __schedule+0x10cc/0x2b60
[ 14.811616] ? __pfx_read_tsc+0x10/0x10
[ 14.811638] ? ktime_get_ts64+0x86/0x230
[ 14.811665] kunit_try_run_case+0x1a5/0x480
[ 14.811690] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.811713] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.811739] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.811764] ? __kthread_parkme+0x82/0x180
[ 14.811787] ? preempt_count_sub+0x50/0x80
[ 14.811813] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.811837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.811862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.811886] kthread+0x337/0x6f0
[ 14.811903] ? trace_preempt_on+0x20/0xc0
[ 14.811937] ? __pfx_kthread+0x10/0x10
[ 14.811956] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.811978] ? calculate_sigpending+0x7b/0xa0
[ 14.812002] ? __pfx_kthread+0x10/0x10
[ 14.812021] ret_from_fork+0x41/0x80
[ 14.812043] ? __pfx_kthread+0x10/0x10
[ 14.812061] ret_from_fork_asm+0x1a/0x30
[ 14.812093] </TASK>
[ 14.812105]
[ 14.820896] Allocated by task 304:
[ 14.821064] kasan_save_stack+0x45/0x70
[ 14.821217] kasan_save_track+0x18/0x40
[ 14.821380] kasan_save_alloc_info+0x3b/0x50
[ 14.821804] __kasan_kmalloc+0xb7/0xc0
[ 14.822009] __kmalloc_noprof+0x1c9/0x500
[ 14.822253] kunit_kmalloc_array+0x25/0x60
[ 14.822499] copy_user_test_oob+0xab/0x10f0
[ 14.822725] kunit_try_run_case+0x1a5/0x480
[ 14.822985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.823243] kthread+0x337/0x6f0
[ 14.823371] ret_from_fork+0x41/0x80
[ 14.823612] ret_from_fork_asm+0x1a/0x30
[ 14.823848]
[ 14.823931] The buggy address belongs to the object at ffff888102f60f00
[ 14.823931] which belongs to the cache kmalloc-128 of size 128
[ 14.824538] The buggy address is located 0 bytes inside of
[ 14.824538] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.825147]
[ 14.825262] The buggy address belongs to the physical page:
[ 14.825454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.825906] flags: 0x200000000000000(node=0|zone=2)
[ 14.826175] page_type: f5(slab)
[ 14.826358] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.826802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.827163] page dumped because: kasan: bad access detected
[ 14.827390]
[ 14.827519] Memory state around the buggy address:
[ 14.827783] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.828230] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.828543] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.828795] ^
[ 14.829111] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.829427] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.829760] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 14.781480] ==================================================================
[ 14.782386] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 14.782986] Write of size 121 at addr ffff888102f60f00 by task kunit_try_catch/304
[ 14.783965]
[ 14.784221] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.784321] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.784335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.784362] Call Trace:
[ 14.784379] <TASK>
[ 14.784404] dump_stack_lvl+0x73/0xb0
[ 14.784437] print_report+0xd1/0x650
[ 14.784464] ? __virt_addr_valid+0x1db/0x2d0
[ 14.784490] ? _copy_from_user+0x32/0x90
[ 14.784511] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.784536] ? _copy_from_user+0x32/0x90
[ 14.784595] kasan_report+0x141/0x180
[ 14.784620] ? _copy_from_user+0x32/0x90
[ 14.784645] kasan_check_range+0x10c/0x1c0
[ 14.784677] __kasan_check_write+0x18/0x20
[ 14.784698] _copy_from_user+0x32/0x90
[ 14.784734] copy_user_test_oob+0x2be/0x10f0
[ 14.784759] ? __pfx_copy_user_test_oob+0x10/0x10
[ 14.784779] ? finish_task_switch.isra.0+0x153/0x700
[ 14.784806] ? __switch_to+0x5d9/0xf60
[ 14.784829] ? dequeue_task_fair+0x166/0x4e0
[ 14.784854] ? __schedule+0x10cc/0x2b60
[ 14.784879] ? __pfx_read_tsc+0x10/0x10
[ 14.784902] ? ktime_get_ts64+0x86/0x230
[ 14.784940] kunit_try_run_case+0x1a5/0x480
[ 14.784966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.784989] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.785015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.785039] ? __kthread_parkme+0x82/0x180
[ 14.785063] ? preempt_count_sub+0x50/0x80
[ 14.785090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.785114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.785138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.785162] kthread+0x337/0x6f0
[ 14.785180] ? trace_preempt_on+0x20/0xc0
[ 14.785206] ? __pfx_kthread+0x10/0x10
[ 14.785225] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.785247] ? calculate_sigpending+0x7b/0xa0
[ 14.785271] ? __pfx_kthread+0x10/0x10
[ 14.785291] ret_from_fork+0x41/0x80
[ 14.785313] ? __pfx_kthread+0x10/0x10
[ 14.785333] ret_from_fork_asm+0x1a/0x30
[ 14.785365] </TASK>
[ 14.785378]
[ 14.796212] Allocated by task 304:
[ 14.796441] kasan_save_stack+0x45/0x70
[ 14.796638] kasan_save_track+0x18/0x40
[ 14.796800] kasan_save_alloc_info+0x3b/0x50
[ 14.797137] __kasan_kmalloc+0xb7/0xc0
[ 14.797276] __kmalloc_noprof+0x1c9/0x500
[ 14.797418] kunit_kmalloc_array+0x25/0x60
[ 14.797586] copy_user_test_oob+0xab/0x10f0
[ 14.797746] kunit_try_run_case+0x1a5/0x480
[ 14.797950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.798202] kthread+0x337/0x6f0
[ 14.798536] ret_from_fork+0x41/0x80
[ 14.799009] ret_from_fork_asm+0x1a/0x30
[ 14.799212]
[ 14.799322] The buggy address belongs to the object at ffff888102f60f00
[ 14.799322] which belongs to the cache kmalloc-128 of size 128
[ 14.799982] The buggy address is located 0 bytes inside of
[ 14.799982] allocated 120-byte region [ffff888102f60f00, ffff888102f60f78)
[ 14.800484]
[ 14.800615] The buggy address belongs to the physical page:
[ 14.800910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 14.801162] flags: 0x200000000000000(node=0|zone=2)
[ 14.801402] page_type: f5(slab)
[ 14.801872] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.802229] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.802500] page dumped because: kasan: bad access detected
[ 14.802698]
[ 14.802810] Memory state around the buggy address:
[ 14.803122] ffff888102f60e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.803602] ffff888102f60e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.804043] >ffff888102f60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.804650] ^
[ 14.804867] ffff888102f60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.805341] ffff888102f61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.805800] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 14.735741] ==================================================================
[ 14.736339] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 14.736608] Write of size 8 at addr ffff888102a14078 by task kunit_try_catch/300
[ 14.737456]
[ 14.737725] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.737779] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.737792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.737815] Call Trace:
[ 14.737837] <TASK>
[ 14.737858] dump_stack_lvl+0x73/0xb0
[ 14.737886] print_report+0xd1/0x650
[ 14.737913] ? __virt_addr_valid+0x1db/0x2d0
[ 14.737947] ? copy_to_kernel_nofault+0x99/0x260
[ 14.737968] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.737992] ? copy_to_kernel_nofault+0x99/0x260
[ 14.738014] kasan_report+0x141/0x180
[ 14.738036] ? copy_to_kernel_nofault+0x99/0x260
[ 14.738062] kasan_check_range+0x10c/0x1c0
[ 14.738083] __kasan_check_write+0x18/0x20
[ 14.738104] copy_to_kernel_nofault+0x99/0x260
[ 14.738126] copy_to_kernel_nofault_oob+0x288/0x560
[ 14.738151] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 14.738174] ? finish_task_switch.isra.0+0x153/0x700
[ 14.738199] ? __schedule+0x10cc/0x2b60
[ 14.738223] ? trace_hardirqs_on+0x37/0xe0
[ 14.738256] ? __pfx_read_tsc+0x10/0x10
[ 14.738276] ? ktime_get_ts64+0x86/0x230
[ 14.738302] kunit_try_run_case+0x1a5/0x480
[ 14.738329] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738351] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.738377] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.738401] ? __kthread_parkme+0x82/0x180
[ 14.738424] ? preempt_count_sub+0x50/0x80
[ 14.738449] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.738499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.738523] kthread+0x337/0x6f0
[ 14.738541] ? trace_preempt_on+0x20/0xc0
[ 14.738616] ? __pfx_kthread+0x10/0x10
[ 14.738638] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.738660] ? calculate_sigpending+0x7b/0xa0
[ 14.738683] ? __pfx_kthread+0x10/0x10
[ 14.738702] ret_from_fork+0x41/0x80
[ 14.738944] ? __pfx_kthread+0x10/0x10
[ 14.738968] ret_from_fork_asm+0x1a/0x30
[ 14.739000] </TASK>
[ 14.739013]
[ 14.754281] Allocated by task 300:
[ 14.754450] kasan_save_stack+0x45/0x70
[ 14.754666] kasan_save_track+0x18/0x40
[ 14.755410] kasan_save_alloc_info+0x3b/0x50
[ 14.755960] __kasan_kmalloc+0xb7/0xc0
[ 14.756350] __kmalloc_cache_noprof+0x189/0x420
[ 14.756874] copy_to_kernel_nofault_oob+0x12f/0x560
[ 14.757298] kunit_try_run_case+0x1a5/0x480
[ 14.757451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.757652] kthread+0x337/0x6f0
[ 14.758014] ret_from_fork+0x41/0x80
[ 14.758461] ret_from_fork_asm+0x1a/0x30
[ 14.758969]
[ 14.759094] The buggy address belongs to the object at ffff888102a14000
[ 14.759094] which belongs to the cache kmalloc-128 of size 128
[ 14.760577] The buggy address is located 0 bytes to the right of
[ 14.760577] allocated 120-byte region [ffff888102a14000, ffff888102a14078)
[ 14.761044]
[ 14.761206] The buggy address belongs to the physical page:
[ 14.761754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a14
[ 14.762587] flags: 0x200000000000000(node=0|zone=2)
[ 14.762976] page_type: f5(slab)
[ 14.763172] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.763612] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.763841] page dumped because: kasan: bad access detected
[ 14.764042]
[ 14.764112] Memory state around the buggy address:
[ 14.764303] ffff888102a13f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.765050] ffff888102a13f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.765779] >ffff888102a14000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.766710] ^
[ 14.767174] ffff888102a14080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.767594] ffff888102a14100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.768364] ==================================================================
[ 14.699282] ==================================================================
[ 14.700171] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 14.700436] Read of size 8 at addr ffff888102a14078 by task kunit_try_catch/300
[ 14.701987]
[ 14.702209] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.702264] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.702279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.702312] Call Trace:
[ 14.702326] <TASK>
[ 14.702346] dump_stack_lvl+0x73/0xb0
[ 14.702378] print_report+0xd1/0x650
[ 14.702404] ? __virt_addr_valid+0x1db/0x2d0
[ 14.702427] ? copy_to_kernel_nofault+0x225/0x260
[ 14.702449] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.702473] ? copy_to_kernel_nofault+0x225/0x260
[ 14.702495] kasan_report+0x141/0x180
[ 14.702519] ? copy_to_kernel_nofault+0x225/0x260
[ 14.702546] __asan_report_load8_noabort+0x18/0x20
[ 14.702845] copy_to_kernel_nofault+0x225/0x260
[ 14.702871] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 14.702898] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 14.702937] ? finish_task_switch.isra.0+0x153/0x700
[ 14.702965] ? __schedule+0x10cc/0x2b60
[ 14.703080] ? trace_hardirqs_on+0x37/0xe0
[ 14.703114] ? __pfx_read_tsc+0x10/0x10
[ 14.703135] ? ktime_get_ts64+0x86/0x230
[ 14.703162] kunit_try_run_case+0x1a5/0x480
[ 14.703189] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.703212] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.703238] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.703263] ? __kthread_parkme+0x82/0x180
[ 14.703286] ? preempt_count_sub+0x50/0x80
[ 14.703312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.703336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.703360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.703384] kthread+0x337/0x6f0
[ 14.703402] ? trace_preempt_on+0x20/0xc0
[ 14.703425] ? __pfx_kthread+0x10/0x10
[ 14.703444] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.703466] ? calculate_sigpending+0x7b/0xa0
[ 14.703489] ? __pfx_kthread+0x10/0x10
[ 14.703508] ret_from_fork+0x41/0x80
[ 14.703529] ? __pfx_kthread+0x10/0x10
[ 14.703599] ret_from_fork_asm+0x1a/0x30
[ 14.703634] </TASK>
[ 14.703647]
[ 14.718392] Allocated by task 300:
[ 14.718616] kasan_save_stack+0x45/0x70
[ 14.719189] kasan_save_track+0x18/0x40
[ 14.719993] kasan_save_alloc_info+0x3b/0x50
[ 14.720470] __kasan_kmalloc+0xb7/0xc0
[ 14.720998] __kmalloc_cache_noprof+0x189/0x420
[ 14.721476] copy_to_kernel_nofault_oob+0x12f/0x560
[ 14.722074] kunit_try_run_case+0x1a5/0x480
[ 14.722520] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.723123] kthread+0x337/0x6f0
[ 14.723538] ret_from_fork+0x41/0x80
[ 14.723836] ret_from_fork_asm+0x1a/0x30
[ 14.724020]
[ 14.724179] The buggy address belongs to the object at ffff888102a14000
[ 14.724179] which belongs to the cache kmalloc-128 of size 128
[ 14.725513] The buggy address is located 0 bytes to the right of
[ 14.725513] allocated 120-byte region [ffff888102a14000, ffff888102a14078)
[ 14.726415]
[ 14.726661] The buggy address belongs to the physical page:
[ 14.727199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a14
[ 14.727462] flags: 0x200000000000000(node=0|zone=2)
[ 14.727698] page_type: f5(slab)
[ 14.728105] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.728894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.729707] page dumped because: kasan: bad access detected
[ 14.730324]
[ 14.730417] Memory state around the buggy address:
[ 14.730578] ffff888102a13f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.731083] ffff888102a13f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.731871] >ffff888102a14000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.732601] ^
[ 14.733375] ffff888102a14080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.733616] ffff888102a14100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.734504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 13.335959] ==================================================================
[ 13.336300] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450
[ 13.336651] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284
[ 13.337309]
[ 13.337427] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 13.337476] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.337490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.337513] Call Trace:
[ 13.337532] <TASK>
[ 13.337553] dump_stack_lvl+0x73/0xb0
[ 13.337581] print_report+0xd1/0x650
[ 13.337605] ? __virt_addr_valid+0x1db/0x2d0
[ 13.337628] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.337650] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.337674] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.337697] kasan_report+0x141/0x180
[ 13.337720] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.337748] __asan_report_load4_noabort+0x18/0x20
[ 13.337770] kasan_atomics_helper+0x4b88/0x5450
[ 13.337794] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 13.337817] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.337840] ? kasan_atomics+0x152/0x310
[ 13.337864] kasan_atomics+0x1dc/0x310
[ 13.337884] ? __pfx_kasan_atomics+0x10/0x10
[ 13.337905] ? __pfx_read_tsc+0x10/0x10
[ 13.337939] ? ktime_get_ts64+0x86/0x230
[ 13.337965] kunit_try_run_case+0x1a5/0x480
[ 13.337991] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.338014] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.338040] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.338064] ? __kthread_parkme+0x82/0x180
[ 13.338087] ? preempt_count_sub+0x50/0x80
[ 13.338113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.338138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.338161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.338186] kthread+0x337/0x6f0
[ 13.338204] ? trace_preempt_on+0x20/0xc0
[ 13.338229] ? __pfx_kthread+0x10/0x10
[ 13.338248] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.338270] ? calculate_sigpending+0x7b/0xa0
[ 13.338293] ? __pfx_kthread+0x10/0x10
[ 13.338312] ret_from_fork+0x41/0x80
[ 13.338333] ? __pfx_kthread+0x10/0x10
[ 13.338351] ret_from_fork_asm+0x1a/0x30
[ 13.338383] </TASK>
[ 13.338395]
[ 13.346126] Allocated by task 284:
[ 13.346293] kasan_save_stack+0x45/0x70
[ 13.346438] kasan_save_track+0x18/0x40
[ 13.346570] kasan_save_alloc_info+0x3b/0x50
[ 13.346710] __kasan_kmalloc+0xb7/0xc0
[ 13.346892] __kmalloc_cache_noprof+0x189/0x420
[ 13.347110] kasan_atomics+0x95/0x310
[ 13.347293] kunit_try_run_case+0x1a5/0x480
[ 13.347494] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.347923] kthread+0x337/0x6f0
[ 13.348051] ret_from_fork+0x41/0x80
[ 13.348179] ret_from_fork_asm+0x1a/0x30
[ 13.348320]
[ 13.348391] The buggy address belongs to the object at ffff888102a0bf80
[ 13.348391] which belongs to the cache kmalloc-64 of size 64
[ 13.349280] The buggy address is located 0 bytes to the right of
[ 13.349280] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0)
[ 13.349869]
[ 13.349988] The buggy address belongs to the physical page:
[ 13.350240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 13.350622] flags: 0x200000000000000(node=0|zone=2)
[ 13.350841] page_type: f5(slab)
[ 13.350978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.351257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.351616] page dumped because: kasan: bad access detected
[ 13.351932]
[ 13.352050] Memory state around the buggy address:
[ 13.352287] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.352666] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.353052] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 13.353367] ^
[ 13.353586] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.353903] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 13.354195] ==================================================================
[ 13.739806] ==================================================================
[ 13.740118] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450
[ 13.740444] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284
[ 13.740902]
[ 13.741006] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 13.741054] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.741067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.741100] Call Trace:
[ 13.741119] <TASK>
[ 13.741138] dump_stack_lvl+0x73/0xb0
[ 13.741175] print_report+0xd1/0x650
[ 13.741198] ? __virt_addr_valid+0x1db/0x2d0
[ 13.741221] ? kasan_atomics_helper+0xde0/0x5450
[ 13.741245] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.741269] ? kasan_atomics_helper+0xde0/0x5450
[ 13.741301] kasan_report+0x141/0x180
[ 13.741325] ? kasan_atomics_helper+0xde0/0x5450
[ 13.741363] kasan_check_range+0x10c/0x1c0
[ 13.741384] __kasan_check_write+0x18/0x20
[ 13.741404] kasan_atomics_helper+0xde0/0x5450
[ 13.741428] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 13.741460] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.741482] ? kasan_atomics+0x152/0x310
[ 13.741507] kasan_atomics+0x1dc/0x310
[ 13.741538] ? __pfx_kasan_atomics+0x10/0x10
[ 13.741559] ? __pfx_read_tsc+0x10/0x10
[ 13.741580] ? ktime_get_ts64+0x86/0x230
[ 13.741606] kunit_try_run_case+0x1a5/0x480
[ 13.741640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.741663] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.741688] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.741723] ? __kthread_parkme+0x82/0x180
[ 13.741746] ? preempt_count_sub+0x50/0x80
[ 13.741772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.741805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.741829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.741853] kthread+0x337/0x6f0
[ 13.741881] ? trace_preempt_on+0x20/0xc0
[ 13.741905] ? __pfx_kthread+0x10/0x10
[ 13.741933] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.741956] ? calculate_sigpending+0x7b/0xa0
[ 13.741986] ? __pfx_kthread+0x10/0x10
[ 13.742005] ret_from_fork+0x41/0x80
[ 13.742028] ? __pfx_kthread+0x10/0x10
[ 13.742058] ret_from_fork_asm+0x1a/0x30
[ 13.742090] </TASK>
[ 13.742100]
[ 13.750013] Allocated by task 284:
[ 13.750178] kasan_save_stack+0x45/0x70
[ 13.750324] kasan_save_track+0x18/0x40
[ 13.750459] kasan_save_alloc_info+0x3b/0x50
[ 13.750604] __kasan_kmalloc+0xb7/0xc0
[ 13.750735] __kmalloc_cache_noprof+0x189/0x420
[ 13.750888] kasan_atomics+0x95/0x310
[ 13.751153] kunit_try_run_case+0x1a5/0x480
[ 13.751373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.751692] kthread+0x337/0x6f0
[ 13.751858] ret_from_fork+0x41/0x80
[ 13.752043] ret_from_fork_asm+0x1a/0x30
[ 13.752183]
[ 13.752259] The buggy address belongs to the object at ffff888102a0bf80
[ 13.752259] which belongs to the cache kmalloc-64 of size 64
[ 13.752614] The buggy address is located 0 bytes to the right of
[ 13.752614] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0)
[ 13.753685]
[ 13.753783] The buggy address belongs to the physical page:
[ 13.754069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 13.754428] flags: 0x200000000000000(node=0|zone=2)
[ 13.754681] page_type: f5(slab)
[ 13.754886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.755221] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.755448] page dumped because: kasan: bad access detected
[ 13.755635]
[ 13.755727] Memory state around the buggy address:
[ 13.755984] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.756492] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.756775] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 13.757104] ^
[ 13.757330] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.757713] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 13.758009] ==================================================================
[ 13.682429] ==================================================================
[ 13.683070] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450
[ 13.683361] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284
[ 13.683715]
[ 13.683817] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 13.683862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.683875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.683896] Call Trace:
[ 13.683913] <TASK>
[ 13.683941] dump_stack_lvl+0x73/0xb0
[ 13.683965] print_report+0xd1/0x650
[ 13.683987] ? __virt_addr_valid+0x1db/0x2d0
[ 13.684022] ? kasan_atomics_helper+0xc70/0x5450
[ 13.684043] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.684066] ? kasan_atomics_helper+0xc70/0x5450
[ 13.684089] kasan_report+0x141/0x180
[ 13.684113] ? kasan_atomics_helper+0xc70/0x5450
[ 13.684140] kasan_check_range+0x10c/0x1c0
[ 13.684161] __kasan_check_write+0x18/0x20
[ 13.684191] kasan_atomics_helper+0xc70/0x5450
[ 13.684215] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 13.684238] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.684275] ? kasan_atomics+0x152/0x310
[ 13.684300] kasan_atomics+0x1dc/0x310
[ 13.684319] ? __pfx_kasan_atomics+0x10/0x10
[ 13.684341] ? __pfx_read_tsc+0x10/0x10
[ 13.684361] ? ktime_get_ts64+0x86/0x230
[ 13.684388] kunit_try_run_case+0x1a5/0x480
[ 13.684413] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.684435] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.684460] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.684484] ? __kthread_parkme+0x82/0x180
[ 13.684507] ? preempt_count_sub+0x50/0x80
[ 13.684543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.684574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.684609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.684633] kthread+0x337/0x6f0
[ 13.684650] ? trace_preempt_on+0x20/0xc0
[ 13.684674] ? __pfx_kthread+0x10/0x10
[ 13.684693] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.684716] ? calculate_sigpending+0x7b/0xa0
[ 13.684738] ? __pfx_kthread+0x10/0x10
[ 13.684757] ret_from_fork+0x41/0x80
[ 13.684778] ? __pfx_kthread+0x10/0x10
[ 13.684797] ret_from_fork_asm+0x1a/0x30
[ 13.684828] </TASK>
[ 13.684839]
[ 13.692421] Allocated by task 284:
[ 13.692566] kasan_save_stack+0x45/0x70
[ 13.692727] kasan_save_track+0x18/0x40
[ 13.692964] kasan_save_alloc_info+0x3b/0x50
[ 13.693171] __kasan_kmalloc+0xb7/0xc0
[ 13.693358] __kmalloc_cache_noprof+0x189/0x420
[ 13.693570] kasan_atomics+0x95/0x310
[ 13.693700] kunit_try_run_case+0x1a5/0x480
[ 13.693850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.694088] kthread+0x337/0x6f0
[ 13.694254] ret_from_fork+0x41/0x80
[ 13.694613] ret_from_fork_asm+0x1a/0x30
[ 13.694786]
[ 13.694861] The buggy address belongs to the object at ffff888102a0bf80
[ 13.694861] which belongs to the cache kmalloc-64 of size 64
[ 13.695320] The buggy address is located 0 bytes to the right of
[ 13.695320] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0)
[ 13.695687]
[ 13.695782] The buggy address belongs to the physical page:
[ 13.696047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 13.696427] flags: 0x200000000000000(node=0|zone=2)
[ 13.696791] page_type: f5(slab)
[ 13.696974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.697314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.697717] page dumped because: kasan: bad access detected
[ 13.697942]
[ 13.698011] Memory state around the buggy address:
[ 13.698169] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.698386] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.698861] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 13.699216] ^
[ 13.699458] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.699773] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 13.700072] ==================================================================
[ 13.880331] ==================================================================
[ 13.880661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450
[ 13.880900] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284
[ 13.881258]
[ 13.881376] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 13.881433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.881446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.881470] Call Trace:
[ 13.881502] <TASK>
[ 13.881523] dump_stack_lvl+0x73/0xb0
[ 13.881550] print_report+0xd1/0x650
[ 13.881575] ? __virt_addr_valid+0x1db/0x2d0
[ 13.881598] ? kasan_atomics_helper+0x1148/0x5450
[ 13.881620] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.881643] ? kasan_atomics_helper+0x1148/0x5450
[ 13.881666] kasan_report+0x141/0x180
[ 13.881689] ? kasan_atomics_helper+0x1148/0x5450
[ 13.881716] kasan_check_range+0x10c/0x1c0
[ 13.881737] __kasan_check_write+0x18/0x20
[ 13.881757] kasan_atomics_helper+0x1148/0x5450
[ 13.881782] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 13.881805] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.881828] ? kasan_atomics+0x152/0x310
[ 13.881852] kasan_atomics+0x1dc/0x310
[ 13.881873] ? __pfx_kasan_atomics+0x10/0x10
[ 13.881894] ? __pfx_read_tsc+0x10/0x10
[ 13.881935] ? ktime_get_ts64+0x86/0x230
[ 13.881963] kunit_try_run_case+0x1a5/0x480
[ 13.881989] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882022] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.882048] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.882073] ? __kthread_parkme+0x82/0x180
[ 13.882096] ? preempt_count_sub+0x50/0x80
[ 13.882122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.882170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.882194] kthread+0x337/0x6f0
[ 13.882212] ? trace_preempt_on+0x20/0xc0
[ 13.882236] ? __pfx_kthread+0x10/0x10
[ 13.882258] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.882280] ? calculate_sigpending+0x7b/0xa0
[ 13.882302] ? __pfx_kthread+0x10/0x10
[ 13.882322] ret_from_fork+0x41/0x80
[ 13.882343] ? __pfx_kthread+0x10/0x10
[ 13.882361] ret_from_fork_asm+0x1a/0x30
[ 13.882394] </TASK>
[ 13.882406]
[ 13.890116] Allocated by task 284:
[ 13.890267] kasan_save_stack+0x45/0x70
[ 13.890418] kasan_save_track+0x18/0x40
[ 13.890555] kasan_save_alloc_info+0x3b/0x50
[ 13.890967] __kasan_kmalloc+0xb7/0xc0
[ 13.891159] __kmalloc_cache_noprof+0x189/0x420
[ 13.891399] kasan_atomics+0x95/0x310
[ 13.891592] kunit_try_run_case+0x1a5/0x480
[ 13.891809] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.892068] kthread+0x337/0x6f0
[ 13.892196] ret_from_fork+0x41/0x80
[ 13.892346] ret_from_fork_asm+0x1a/0x30
[ 13.892547]
[ 13.892680] The buggy address belongs to the object at ffff888102a0bf80
[ 13.892680] which belongs to the cache kmalloc-64 of size 64
[ 13.893223] The buggy address is located 0 bytes to the right of
[ 13.893223] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0)
[ 13.893747]
[ 13.893869] The buggy address belongs to the physical page:
[ 13.894100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 13.894434] flags: 0x200000000000000(node=0|zone=2)
[ 13.894705] page_type: f5(slab)
[ 13.894875] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.895224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.895539] page dumped because: kasan: bad access detected
[ 13.895766]
[ 13.895873] Memory state around the buggy address:
[ 13.896105] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.896358] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.896579] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 13.896930] ^
[ 13.897152] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.897452] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 13.897887] ==================================================================
[ 14.254602] ==================================================================
[ 14.254855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450
[ 14.255849] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284
[ 14.256180]
[ 14.256284] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 14.256333] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.256346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.256370] Call Trace:
[ 14.256391] <TASK>
[ 14.256411] dump_stack_lvl+0x73/0xb0
[ 14.256439] print_report+0xd1/0x650
[ 14.256465] ? __virt_addr_valid+0x1db/0x2d0
[ 14.256487] ? kasan_atomics_helper+0x19e3/0x5450
[ 14.256511] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.256535] ? kasan_atomics_helper+0x19e3/0x5450
[ 14.256557] kasan_report+0x141/0x180
[ 14.256581] ? kasan_atomics_helper+0x19e3/0x5450
[ 14.256609] kasan_check_range+0x10c/0x1c0
[ 14.256629] __kasan_check_write+0x18/0x20
[ 14.256660] kasan_atomics_helper+0x19e3/0x5450
[ 14.256684] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.256707] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.256729] ? kasan_atomics+0x152/0x310
[ 14.256754] kasan_atomics+0x1dc/0x310
[ 14.256774] ? __pfx_kasan_atomics+0x10/0x10
[ 14.256794] ? __pfx_read_tsc+0x10/0x10
[ 14.256816] ? ktime_get_ts64+0x86/0x230
[ 14.256842] kunit_try_run_case+0x1a5/0x480
[ 14.256868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.256890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.256927] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.256951] ? __kthread_parkme+0x82/0x180
[ 14.256974] ? preempt_count_sub+0x50/0x80
[ 14.257000] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.257024] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.257048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.257071] kthread+0x337/0x6f0
[ 14.257089] ? trace_preempt_on+0x20/0xc0
[ 14.257112] ? __pfx_kthread+0x10/0x10
[ 14.257131] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.257153] ? calculate_sigpending+0x7b/0xa0
[ 14.257176] ? __pfx_kthread+0x10/0x10
[ 14.257194] ret_from_fork+0x41/0x80
[ 14.257215] ? __pfx_kthread+0x10/0x10
[ 14.257233] ret_from_fork_asm+0x1a/0x30
[ 14.257265] </TASK>
[ 14.257276]
[ 14.264701] Allocated by task 284:
[ 14.264892] kasan_save_stack+0x45/0x70
[ 14.265111] kasan_save_track+0x18/0x40
[ 14.265303] kasan_save_alloc_info+0x3b/0x50
[ 14.265511] __kasan_kmalloc+0xb7/0xc0
[ 14.265860] __kmalloc_cache_noprof+0x189/0x420
[ 14.266029] kasan_atomics+0x95/0x310
[ 14.266162] kunit_try_run_case+0x1a5/0x480
[ 14.266311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.266553] kthread+0x337/0x6f0
[ 14.266719] ret_from_fork+0x41/0x80
[ 14.266902] ret_from_fork_asm+0x1a/0x30
[ 14.267108]
[ 14.267208] The buggy address belongs to the object at ffff888102a0bf80
[ 14.267208] which belongs to the cache kmalloc-64 of size 64
[ 14.267693] The buggy address is located 0 bytes to the right of
[ 14.267693] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0)
[ 14.268074]
[ 14.268149] The buggy address belongs to the physical page:
[ 14.268389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 14.268741] flags: 0x200000000000000(node=0|zone=2)
[ 14.269102] page_type: f5(slab)
[ 14.269328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.269660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.269890] page dumped because: kasan: bad access detected
[ 14.270071]
[ 14.270140] Memory state around the buggy address:
[ 14.270468] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc
fc fc fc fc [ 14.271082] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271403] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.271724] ^ [ 14.271932] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.272149] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.272448] ================================================================== [ 13.434010] ================================================================== [ 13.434379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.434930] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.435266] [ 13.435355] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.435401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.435414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.435437] Call Trace: [ 13.435456] <TASK> [ 13.435473] dump_stack_lvl+0x73/0xb0 [ 13.435498] print_report+0xd1/0x650 [ 13.435522] ? __virt_addr_valid+0x1db/0x2d0 [ 13.435545] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.435567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.435590] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.435613] kasan_report+0x141/0x180 [ 13.435637] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.435664] __asan_report_store4_noabort+0x1b/0x30 [ 13.435687] kasan_atomics_helper+0x4b3a/0x5450 [ 13.435712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.435737] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.435764] ? kasan_atomics+0x152/0x310 [ 13.435790] kasan_atomics+0x1dc/0x310 [ 13.435809] ? __pfx_kasan_atomics+0x10/0x10 [ 13.435832] ? __pfx_read_tsc+0x10/0x10 [ 13.435852] ? ktime_get_ts64+0x86/0x230 [ 13.435879] kunit_try_run_case+0x1a5/0x480 [ 13.435905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.435941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.435967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.435991] ? 
__kthread_parkme+0x82/0x180 [ 13.436014] ? preempt_count_sub+0x50/0x80 [ 13.436041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.436078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.436102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.436127] kthread+0x337/0x6f0 [ 13.436144] ? trace_preempt_on+0x20/0xc0 [ 13.436169] ? __pfx_kthread+0x10/0x10 [ 13.436188] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.436210] ? calculate_sigpending+0x7b/0xa0 [ 13.436232] ? __pfx_kthread+0x10/0x10 [ 13.436258] ret_from_fork+0x41/0x80 [ 13.436279] ? __pfx_kthread+0x10/0x10 [ 13.436298] ret_from_fork_asm+0x1a/0x30 [ 13.436331] </TASK> [ 13.436343] [ 13.443996] Allocated by task 284: [ 13.444188] kasan_save_stack+0x45/0x70 [ 13.444349] kasan_save_track+0x18/0x40 [ 13.444487] kasan_save_alloc_info+0x3b/0x50 [ 13.444674] __kasan_kmalloc+0xb7/0xc0 [ 13.444862] __kmalloc_cache_noprof+0x189/0x420 [ 13.445099] kasan_atomics+0x95/0x310 [ 13.445326] kunit_try_run_case+0x1a5/0x480 [ 13.445552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.445733] kthread+0x337/0x6f0 [ 13.445852] ret_from_fork+0x41/0x80 [ 13.445994] ret_from_fork_asm+0x1a/0x30 [ 13.446137] [ 13.446208] The buggy address belongs to the object at ffff888102a0bf80 [ 13.446208] which belongs to the cache kmalloc-64 of size 64 [ 13.446563] The buggy address is located 0 bytes to the right of [ 13.446563] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.446937] [ 13.447034] The buggy address belongs to the physical page: [ 13.447286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.447636] flags: 0x200000000000000(node=0|zone=2) [ 13.447886] page_type: f5(slab) [ 13.448066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.448409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.448985] page dumped because: kasan: bad access detected [ 13.449234] [ 13.449330] Memory state around the buggy address: [ 13.449554] 
ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.450072] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.450287] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.450498] ^ [ 13.450651] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.450863] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.451515] ================================================================== [ 13.980213] ================================================================== [ 13.980562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 13.980993] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.981296] [ 13.981410] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.981457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.981470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.981492] Call Trace: [ 13.981523] <TASK> [ 13.981542] dump_stack_lvl+0x73/0xb0 [ 13.981568] print_report+0xd1/0x650 [ 13.981604] ? __virt_addr_valid+0x1db/0x2d0 [ 13.981626] ? kasan_atomics_helper+0x49ce/0x5450 [ 13.981648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.981685] ? kasan_atomics_helper+0x49ce/0x5450 [ 13.981707] kasan_report+0x141/0x180 [ 13.981731] ? kasan_atomics_helper+0x49ce/0x5450 [ 13.981769] __asan_report_load4_noabort+0x18/0x20 [ 13.981790] kasan_atomics_helper+0x49ce/0x5450 [ 13.981814] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.981837] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.981860] ? kasan_atomics+0x152/0x310 [ 13.981883] kasan_atomics+0x1dc/0x310 [ 13.981903] ? __pfx_kasan_atomics+0x10/0x10 [ 13.981934] ? __pfx_read_tsc+0x10/0x10 [ 13.981955] ? ktime_get_ts64+0x86/0x230 [ 13.981982] kunit_try_run_case+0x1a5/0x480 [ 13.982007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.982030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.982054] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.982079] ? __kthread_parkme+0x82/0x180 [ 13.982101] ? preempt_count_sub+0x50/0x80 [ 13.982127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.982151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.982175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.982198] kthread+0x337/0x6f0 [ 13.982216] ? trace_preempt_on+0x20/0xc0 [ 13.982240] ? __pfx_kthread+0x10/0x10 [ 13.982258] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.982280] ? calculate_sigpending+0x7b/0xa0 [ 13.982304] ? __pfx_kthread+0x10/0x10 [ 13.982323] ret_from_fork+0x41/0x80 [ 13.982353] ? __pfx_kthread+0x10/0x10 [ 13.982372] ret_from_fork_asm+0x1a/0x30 [ 13.982406] </TASK> [ 13.982427] [ 13.991721] Allocated by task 284: [ 13.992045] kasan_save_stack+0x45/0x70 [ 13.992339] kasan_save_track+0x18/0x40 [ 13.992645] kasan_save_alloc_info+0x3b/0x50 [ 13.992949] __kasan_kmalloc+0xb7/0xc0 [ 13.993102] __kmalloc_cache_noprof+0x189/0x420 [ 13.993433] kasan_atomics+0x95/0x310 [ 13.993745] kunit_try_run_case+0x1a5/0x480 [ 13.993927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.994304] kthread+0x337/0x6f0 [ 13.994580] ret_from_fork+0x41/0x80 [ 13.994821] ret_from_fork_asm+0x1a/0x30 [ 13.995058] [ 13.995146] The buggy address belongs to the object at ffff888102a0bf80 [ 13.995146] which belongs to the cache kmalloc-64 of size 64 [ 13.995928] The buggy address is located 0 bytes to the right of [ 13.995928] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.996575] [ 13.996674] The buggy address belongs to the physical page: [ 13.997004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.997433] flags: 0x200000000000000(node=0|zone=2) [ 13.997791] page_type: f5(slab) [ 13.997988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.998437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.998857] page dumped because: kasan: bad access detected [ 13.999184] [ 13.999272] Memory 
state around the buggy address: [ 13.999551] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.999879] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.000211] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.000507] ^ [ 14.000962] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.001249] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.001730] ================================================================== [ 14.350598] ================================================================== [ 14.351294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.351894] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.352489] [ 14.352628] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.352676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.352690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.352714] Call Trace: [ 14.352736] <TASK> [ 14.352769] dump_stack_lvl+0x73/0xb0 [ 14.352797] print_report+0xd1/0x650 [ 14.352834] ? __virt_addr_valid+0x1db/0x2d0 [ 14.352858] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.352880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.352904] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.352936] kasan_report+0x141/0x180 [ 14.352959] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.352987] __asan_report_load8_noabort+0x18/0x20 [ 14.353009] kasan_atomics_helper+0x4f30/0x5450 [ 14.353033] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.353056] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.353078] ? kasan_atomics+0x152/0x310 [ 14.353103] kasan_atomics+0x1dc/0x310 [ 14.353122] ? __pfx_kasan_atomics+0x10/0x10 [ 14.353143] ? __pfx_read_tsc+0x10/0x10 [ 14.353165] ? ktime_get_ts64+0x86/0x230 [ 14.353191] kunit_try_run_case+0x1a5/0x480 [ 14.353217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.353240] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.353265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.353289] ? __kthread_parkme+0x82/0x180 [ 14.353312] ? preempt_count_sub+0x50/0x80 [ 14.353338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.353362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.353411] kthread+0x337/0x6f0 [ 14.353428] ? trace_preempt_on+0x20/0xc0 [ 14.353453] ? __pfx_kthread+0x10/0x10 [ 14.353472] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.353494] ? calculate_sigpending+0x7b/0xa0 [ 14.353516] ? __pfx_kthread+0x10/0x10 [ 14.353535] ret_from_fork+0x41/0x80 [ 14.353575] ? __pfx_kthread+0x10/0x10 [ 14.353594] ret_from_fork_asm+0x1a/0x30 [ 14.353625] </TASK> [ 14.353637] [ 14.365647] Allocated by task 284: [ 14.366010] kasan_save_stack+0x45/0x70 [ 14.366397] kasan_save_track+0x18/0x40 [ 14.366775] kasan_save_alloc_info+0x3b/0x50 [ 14.367032] __kasan_kmalloc+0xb7/0xc0 [ 14.367167] __kmalloc_cache_noprof+0x189/0x420 [ 14.367321] kasan_atomics+0x95/0x310 [ 14.367451] kunit_try_run_case+0x1a5/0x480 [ 14.367705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.368191] kthread+0x337/0x6f0 [ 14.368502] ret_from_fork+0x41/0x80 [ 14.368871] ret_from_fork_asm+0x1a/0x30 [ 14.369242] [ 14.369410] The buggy address belongs to the object at ffff888102a0bf80 [ 14.369410] which belongs to the cache kmalloc-64 of size 64 [ 14.370483] The buggy address is located 0 bytes to the right of [ 14.370483] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.371037] [ 14.371114] The buggy address belongs to the physical page: [ 14.371289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.371531] flags: 0x200000000000000(node=0|zone=2) [ 14.372056] page_type: f5(slab) [ 14.372372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.372737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.373382] page dumped because: kasan: bad 
access detected [ 14.373789] [ 14.373861] Memory state around the buggy address: [ 14.374029] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.374248] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.374464] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.374977] ^ [ 14.375407] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.376044] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.376676] ================================================================== [ 13.940427] ================================================================== [ 13.941521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 13.942407] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.942861] [ 13.942983] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.943044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.943057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.943080] Call Trace: [ 13.943111] <TASK> [ 13.943131] dump_stack_lvl+0x73/0xb0 [ 13.943158] print_report+0xd1/0x650 [ 13.943182] ? __virt_addr_valid+0x1db/0x2d0 [ 13.943205] ? kasan_atomics_helper+0x49e8/0x5450 [ 13.943228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.943250] ? kasan_atomics_helper+0x49e8/0x5450 [ 13.943273] kasan_report+0x141/0x180 [ 13.943297] ? kasan_atomics_helper+0x49e8/0x5450 [ 13.943324] __asan_report_load4_noabort+0x18/0x20 [ 13.943348] kasan_atomics_helper+0x49e8/0x5450 [ 13.943382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.943405] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.943428] ? kasan_atomics+0x152/0x310 [ 13.943463] kasan_atomics+0x1dc/0x310 [ 13.943483] ? __pfx_kasan_atomics+0x10/0x10 [ 13.943504] ? __pfx_read_tsc+0x10/0x10 [ 13.943525] ? ktime_get_ts64+0x86/0x230 [ 13.943551] kunit_try_run_case+0x1a5/0x480 [ 13.943577] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.943599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.943632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.943656] ? __kthread_parkme+0x82/0x180 [ 13.943679] ? preempt_count_sub+0x50/0x80 [ 13.943705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.943729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.943753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.943776] kthread+0x337/0x6f0 [ 13.943794] ? trace_preempt_on+0x20/0xc0 [ 13.943819] ? __pfx_kthread+0x10/0x10 [ 13.943837] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.943859] ? calculate_sigpending+0x7b/0xa0 [ 13.943881] ? __pfx_kthread+0x10/0x10 [ 13.943901] ret_from_fork+0x41/0x80 [ 13.943932] ? __pfx_kthread+0x10/0x10 [ 13.943950] ret_from_fork_asm+0x1a/0x30 [ 13.943982] </TASK> [ 13.943994] [ 13.952332] Allocated by task 284: [ 13.952477] kasan_save_stack+0x45/0x70 [ 13.952629] kasan_save_track+0x18/0x40 [ 13.952806] kasan_save_alloc_info+0x3b/0x50 [ 13.953046] __kasan_kmalloc+0xb7/0xc0 [ 13.953269] __kmalloc_cache_noprof+0x189/0x420 [ 13.953500] kasan_atomics+0x95/0x310 [ 13.953797] kunit_try_run_case+0x1a5/0x480 [ 13.953954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.954128] kthread+0x337/0x6f0 [ 13.954305] ret_from_fork+0x41/0x80 [ 13.954491] ret_from_fork_asm+0x1a/0x30 [ 13.954853] [ 13.954978] The buggy address belongs to the object at ffff888102a0bf80 [ 13.954978] which belongs to the cache kmalloc-64 of size 64 [ 13.955498] The buggy address is located 0 bytes to the right of [ 13.955498] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.956066] [ 13.956142] The buggy address belongs to the physical page: [ 13.956401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.956814] flags: 0x200000000000000(node=0|zone=2) [ 13.957058] page_type: f5(slab) [ 13.957241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.957578] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.957903] page dumped because: kasan: bad access detected [ 13.958157] [ 13.958254] Memory state around the buggy address: [ 13.958480] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.958847] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.959158] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.959419] ^ [ 13.959577] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.959790] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.960030] ================================================================== [ 13.795456] ================================================================== [ 13.796011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 13.796361] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.796687] [ 13.796813] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.796858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.796879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.796901] Call Trace: [ 13.796938] <TASK> [ 13.796958] dump_stack_lvl+0x73/0xb0 [ 13.796983] print_report+0xd1/0x650 [ 13.797018] ? __virt_addr_valid+0x1db/0x2d0 [ 13.797040] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.797062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.797085] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.797108] kasan_report+0x141/0x180 [ 13.797131] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.797167] kasan_check_range+0x10c/0x1c0 [ 13.797188] __kasan_check_write+0x18/0x20 [ 13.797210] kasan_atomics_helper+0xfa9/0x5450 [ 13.797244] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.797267] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.797290] ? kasan_atomics+0x152/0x310 [ 13.797313] kasan_atomics+0x1dc/0x310 [ 13.797333] ? __pfx_kasan_atomics+0x10/0x10 [ 13.797355] ? __pfx_read_tsc+0x10/0x10 [ 13.797376] ? 
ktime_get_ts64+0x86/0x230 [ 13.797402] kunit_try_run_case+0x1a5/0x480 [ 13.797428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.797475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.797499] ? __kthread_parkme+0x82/0x180 [ 13.797522] ? preempt_count_sub+0x50/0x80 [ 13.797548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.797609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.797634] kthread+0x337/0x6f0 [ 13.797652] ? trace_preempt_on+0x20/0xc0 [ 13.797676] ? __pfx_kthread+0x10/0x10 [ 13.797695] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.797718] ? calculate_sigpending+0x7b/0xa0 [ 13.797741] ? __pfx_kthread+0x10/0x10 [ 13.797760] ret_from_fork+0x41/0x80 [ 13.797782] ? __pfx_kthread+0x10/0x10 [ 13.797800] ret_from_fork_asm+0x1a/0x30 [ 13.797831] </TASK> [ 13.797843] [ 13.805571] Allocated by task 284: [ 13.805760] kasan_save_stack+0x45/0x70 [ 13.805950] kasan_save_track+0x18/0x40 [ 13.806161] kasan_save_alloc_info+0x3b/0x50 [ 13.806351] __kasan_kmalloc+0xb7/0xc0 [ 13.806541] __kmalloc_cache_noprof+0x189/0x420 [ 13.806800] kasan_atomics+0x95/0x310 [ 13.806949] kunit_try_run_case+0x1a5/0x480 [ 13.807097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807275] kthread+0x337/0x6f0 [ 13.807394] ret_from_fork+0x41/0x80 [ 13.807525] ret_from_fork_asm+0x1a/0x30 [ 13.807684] [ 13.807757] The buggy address belongs to the object at ffff888102a0bf80 [ 13.807757] which belongs to the cache kmalloc-64 of size 64 [ 13.808304] The buggy address is located 0 bytes to the right of [ 13.808304] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.808867] [ 13.808973] The buggy address belongs to the physical page: [ 13.809228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.809536] flags: 0x200000000000000(node=0|zone=2) [ 13.809744] page_type: f5(slab) [ 13.809896] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.810169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.810398] page dumped because: kasan: bad access detected [ 13.810591] [ 13.810661] Memory state around the buggy address: [ 13.810818] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.811150] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.811499] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.811868] ^ [ 13.812121] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.812469] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.812822] ================================================================== [ 14.194111] ================================================================== [ 14.194389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.194969] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.195249] [ 14.195379] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.195427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.195439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.195472] Call Trace: [ 14.195494] <TASK> [ 14.195514] dump_stack_lvl+0x73/0xb0 [ 14.195550] print_report+0xd1/0x650 [ 14.195585] ? __virt_addr_valid+0x1db/0x2d0 [ 14.195609] ? kasan_atomics_helper+0x1818/0x5450 [ 14.195631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.195655] ? kasan_atomics_helper+0x1818/0x5450 [ 14.195687] kasan_report+0x141/0x180 [ 14.195710] ? kasan_atomics_helper+0x1818/0x5450 [ 14.195748] kasan_check_range+0x10c/0x1c0 [ 14.195770] __kasan_check_write+0x18/0x20 [ 14.195790] kasan_atomics_helper+0x1818/0x5450 [ 14.195813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.195837] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.195859] ? kasan_atomics+0x152/0x310 [ 14.195883] kasan_atomics+0x1dc/0x310 [ 14.195903] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.195933] ? __pfx_read_tsc+0x10/0x10 [ 14.195954] ? ktime_get_ts64+0x86/0x230 [ 14.195981] kunit_try_run_case+0x1a5/0x480 [ 14.196007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.196030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.196055] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.196079] ? __kthread_parkme+0x82/0x180 [ 14.196102] ? preempt_count_sub+0x50/0x80 [ 14.196129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.196152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.196176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.196199] kthread+0x337/0x6f0 [ 14.196216] ? trace_preempt_on+0x20/0xc0 [ 14.196241] ? __pfx_kthread+0x10/0x10 [ 14.196266] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.196289] ? calculate_sigpending+0x7b/0xa0 [ 14.196312] ? __pfx_kthread+0x10/0x10 [ 14.196340] ret_from_fork+0x41/0x80 [ 14.196361] ? __pfx_kthread+0x10/0x10 [ 14.196379] ret_from_fork_asm+0x1a/0x30 [ 14.196422] </TASK> [ 14.196433] [ 14.204157] Allocated by task 284: [ 14.204381] kasan_save_stack+0x45/0x70 [ 14.204610] kasan_save_track+0x18/0x40 [ 14.204843] kasan_save_alloc_info+0x3b/0x50 [ 14.205053] __kasan_kmalloc+0xb7/0xc0 [ 14.205210] __kmalloc_cache_noprof+0x189/0x420 [ 14.205385] kasan_atomics+0x95/0x310 [ 14.205578] kunit_try_run_case+0x1a5/0x480 [ 14.205797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206028] kthread+0x337/0x6f0 [ 14.206217] ret_from_fork+0x41/0x80 [ 14.206367] ret_from_fork_asm+0x1a/0x30 [ 14.206507] [ 14.206594] The buggy address belongs to the object at ffff888102a0bf80 [ 14.206594] which belongs to the cache kmalloc-64 of size 64 [ 14.207151] The buggy address is located 0 bytes to the right of [ 14.207151] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.207760] [ 14.207852] The buggy address belongs to the physical page: [ 14.208118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.208458] flags: 0x200000000000000(node=0|zone=2) [ 14.208732] page_type: f5(slab) 
[ 14.208861] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.209105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.209337] page dumped because: kasan: bad access detected [ 14.209508] [ 14.209583] Memory state around the buggy address: [ 14.209845] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.210267] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.210673] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.211004] ^ [ 14.211163] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.211379] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.211635] ================================================================== [ 14.469936] ================================================================== [ 14.470302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.470663] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.471106] [ 14.471253] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.471311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.471324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.471348] Call Trace: [ 14.471405] <TASK> [ 14.471426] dump_stack_lvl+0x73/0xb0 [ 14.471453] print_report+0xd1/0x650 [ 14.471488] ? __virt_addr_valid+0x1db/0x2d0 [ 14.471510] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.471533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.471557] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.471580] kasan_report+0x141/0x180 [ 14.471630] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.471675] kasan_check_range+0x10c/0x1c0 [ 14.471707] __kasan_check_write+0x18/0x20 [ 14.471727] kasan_atomics_helper+0x1f43/0x5450 [ 14.471752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.471775] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.471799] ? 
kasan_atomics+0x152/0x310 [ 14.471822] kasan_atomics+0x1dc/0x310 [ 14.471865] ? __pfx_kasan_atomics+0x10/0x10 [ 14.471887] ? __pfx_read_tsc+0x10/0x10 [ 14.471940] ? ktime_get_ts64+0x86/0x230 [ 14.471968] kunit_try_run_case+0x1a5/0x480 [ 14.472022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.472046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.472071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.472095] ? __kthread_parkme+0x82/0x180 [ 14.472119] ? preempt_count_sub+0x50/0x80 [ 14.472145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.472169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.472251] kthread+0x337/0x6f0 [ 14.472308] ? trace_preempt_on+0x20/0xc0 [ 14.472346] ? __pfx_kthread+0x10/0x10 [ 14.472378] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.472422] ? calculate_sigpending+0x7b/0xa0 [ 14.472444] ? __pfx_kthread+0x10/0x10 [ 14.472463] ret_from_fork+0x41/0x80 [ 14.472494] ? __pfx_kthread+0x10/0x10 [ 14.472512] ret_from_fork_asm+0x1a/0x30 [ 14.472545] </TASK> [ 14.472556] [ 14.481340] Allocated by task 284: [ 14.481640] kasan_save_stack+0x45/0x70 [ 14.481809] kasan_save_track+0x18/0x40 [ 14.482012] kasan_save_alloc_info+0x3b/0x50 [ 14.482200] __kasan_kmalloc+0xb7/0xc0 [ 14.482333] __kmalloc_cache_noprof+0x189/0x420 [ 14.482481] kasan_atomics+0x95/0x310 [ 14.482723] kunit_try_run_case+0x1a5/0x480 [ 14.482964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.483215] kthread+0x337/0x6f0 [ 14.483388] ret_from_fork+0x41/0x80 [ 14.483602] ret_from_fork_asm+0x1a/0x30 [ 14.483841] [ 14.483953] The buggy address belongs to the object at ffff888102a0bf80 [ 14.483953] which belongs to the cache kmalloc-64 of size 64 [ 14.484546] The buggy address is located 0 bytes to the right of [ 14.484546] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.485126] [ 14.485224] The buggy address belongs to the physical page: [ 14.485473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 
14.485884] flags: 0x200000000000000(node=0|zone=2) [ 14.486128] page_type: f5(slab) [ 14.486470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.486757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.486989] page dumped because: kasan: bad access detected [ 14.487154] [ 14.487221] Memory state around the buggy address: [ 14.487374] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.487692] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.488019] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.488460] ^ [ 14.488937] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.489358] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.489734] ================================================================== [ 13.274328] ================================================================== [ 13.275577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.276487] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.276735] [ 13.276832] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.276884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.276897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.276929] Call Trace: [ 13.276943] <TASK> [ 13.276964] dump_stack_lvl+0x73/0xb0 [ 13.276993] print_report+0xd1/0x650 [ 13.277017] ? __virt_addr_valid+0x1db/0x2d0 [ 13.277039] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.277062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.277088] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.277111] kasan_report+0x141/0x180 [ 13.277135] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.277162] __asan_report_load4_noabort+0x18/0x20 [ 13.277183] kasan_atomics_helper+0x4bbc/0x5450 [ 13.277206] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.277229] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.277251] ? kasan_atomics+0x152/0x310 [ 13.277275] kasan_atomics+0x1dc/0x310 [ 13.277294] ? __pfx_kasan_atomics+0x10/0x10 [ 13.277315] ? __pfx_read_tsc+0x10/0x10 [ 13.277335] ? ktime_get_ts64+0x86/0x230 [ 13.277360] kunit_try_run_case+0x1a5/0x480 [ 13.277386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.277408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.277432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.277455] ? __kthread_parkme+0x82/0x180 [ 13.277478] ? preempt_count_sub+0x50/0x80 [ 13.277503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.277527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.277550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.277573] kthread+0x337/0x6f0 [ 13.277590] ? trace_preempt_on+0x20/0xc0 [ 13.277614] ? __pfx_kthread+0x10/0x10 [ 13.277631] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.277653] ? calculate_sigpending+0x7b/0xa0 [ 13.277675] ? __pfx_kthread+0x10/0x10 [ 13.277693] ret_from_fork+0x41/0x80 [ 13.277714] ? __pfx_kthread+0x10/0x10 [ 13.277731] ret_from_fork_asm+0x1a/0x30 [ 13.277762] </TASK> [ 13.277773] [ 13.294584] Allocated by task 284: [ 13.295032] kasan_save_stack+0x45/0x70 [ 13.295487] kasan_save_track+0x18/0x40 [ 13.295989] kasan_save_alloc_info+0x3b/0x50 [ 13.296408] __kasan_kmalloc+0xb7/0xc0 [ 13.296846] __kmalloc_cache_noprof+0x189/0x420 [ 13.297369] kasan_atomics+0x95/0x310 [ 13.297813] kunit_try_run_case+0x1a5/0x480 [ 13.298318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.298833] kthread+0x337/0x6f0 [ 13.299214] ret_from_fork+0x41/0x80 [ 13.299597] ret_from_fork_asm+0x1a/0x30 [ 13.300043] [ 13.300169] The buggy address belongs to the object at ffff888102a0bf80 [ 13.300169] which belongs to the cache kmalloc-64 of size 64 [ 13.301274] The buggy address is located 0 bytes to the right of [ 13.301274] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.302259] [ 13.302423] The buggy address belongs to the physical page: [ 13.302998] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.303500] flags: 0x200000000000000(node=0|zone=2) [ 13.304064] page_type: f5(slab) [ 13.304253] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.304476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.304701] page dumped because: kasan: bad access detected [ 13.304868] [ 13.304951] Memory state around the buggy address: [ 13.305189] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.305885] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.306114] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.306319] ^ [ 13.306470] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.307092] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.307955] ================================================================== [ 14.293104] ================================================================== [ 14.293845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.294479] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.295194] [ 14.295434] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.295484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.295497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.295521] Call Trace: [ 14.295541] <TASK> [ 14.295624] dump_stack_lvl+0x73/0xb0 [ 14.295653] print_report+0xd1/0x650 [ 14.295691] ? __virt_addr_valid+0x1db/0x2d0 [ 14.295714] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.295737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.295761] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.295783] kasan_report+0x141/0x180 [ 14.295806] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.295833] kasan_check_range+0x10c/0x1c0 [ 14.295854] __kasan_check_write+0x18/0x20 [ 14.295874] kasan_atomics_helper+0x1b22/0x5450 [ 14.295898] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.295929] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.295952] ? kasan_atomics+0x152/0x310 [ 14.295977] kasan_atomics+0x1dc/0x310 [ 14.295996] ? __pfx_kasan_atomics+0x10/0x10 [ 14.296017] ? __pfx_read_tsc+0x10/0x10 [ 14.296038] ? ktime_get_ts64+0x86/0x230 [ 14.296064] kunit_try_run_case+0x1a5/0x480 [ 14.296092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.296141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.296165] ? __kthread_parkme+0x82/0x180 [ 14.296189] ? preempt_count_sub+0x50/0x80 [ 14.296215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.296268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.296292] kthread+0x337/0x6f0 [ 14.296309] ? trace_preempt_on+0x20/0xc0 [ 14.296334] ? __pfx_kthread+0x10/0x10 [ 14.296352] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.296375] ? calculate_sigpending+0x7b/0xa0 [ 14.296398] ? __pfx_kthread+0x10/0x10 [ 14.296417] ret_from_fork+0x41/0x80 [ 14.296438] ? 
__pfx_kthread+0x10/0x10 [ 14.296456] ret_from_fork_asm+0x1a/0x30 [ 14.296488] </TASK> [ 14.296500] [ 14.309074] Allocated by task 284: [ 14.309437] kasan_save_stack+0x45/0x70 [ 14.309846] kasan_save_track+0x18/0x40 [ 14.310225] kasan_save_alloc_info+0x3b/0x50 [ 14.310595] __kasan_kmalloc+0xb7/0xc0 [ 14.310731] __kmalloc_cache_noprof+0x189/0x420 [ 14.310885] kasan_atomics+0x95/0x310 [ 14.311026] kunit_try_run_case+0x1a5/0x480 [ 14.311174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.311350] kthread+0x337/0x6f0 [ 14.311471] ret_from_fork+0x41/0x80 [ 14.311760] ret_from_fork_asm+0x1a/0x30 [ 14.312135] [ 14.312300] The buggy address belongs to the object at ffff888102a0bf80 [ 14.312300] which belongs to the cache kmalloc-64 of size 64 [ 14.313357] The buggy address is located 0 bytes to the right of [ 14.313357] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.314440] [ 14.314640] The buggy address belongs to the physical page: [ 14.315142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.315843] flags: 0x200000000000000(node=0|zone=2) [ 14.316316] page_type: f5(slab) [ 14.316653] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.317302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.317860] page dumped because: kasan: bad access detected [ 14.318042] [ 14.318112] Memory state around the buggy address: [ 14.318270] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.318487] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.319072] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.319703] ^ [ 14.320133] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.320769] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.321375] ================================================================== [ 13.662746] 
================================================================== [ 13.663288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.663535] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.663761] [ 13.663959] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.664015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.664027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.664049] Call Trace: [ 13.664077] <TASK> [ 13.664096] dump_stack_lvl+0x73/0xb0 [ 13.664121] print_report+0xd1/0x650 [ 13.664144] ? __virt_addr_valid+0x1db/0x2d0 [ 13.664167] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.664189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.664212] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.664234] kasan_report+0x141/0x180 [ 13.664262] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.664289] kasan_check_range+0x10c/0x1c0 [ 13.664310] __kasan_check_write+0x18/0x20 [ 13.664330] kasan_atomics_helper+0xb6a/0x5450 [ 13.664354] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.664377] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.664399] ? kasan_atomics+0x152/0x310 [ 13.664422] kasan_atomics+0x1dc/0x310 [ 13.664442] ? __pfx_kasan_atomics+0x10/0x10 [ 13.664473] ? __pfx_read_tsc+0x10/0x10 [ 13.664494] ? ktime_get_ts64+0x86/0x230 [ 13.664520] kunit_try_run_case+0x1a5/0x480 [ 13.664557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.664579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.664604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.664627] ? __kthread_parkme+0x82/0x180 [ 13.664650] ? preempt_count_sub+0x50/0x80 [ 13.664677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.664701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.664724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.664748] kthread+0x337/0x6f0 [ 13.664765] ? trace_preempt_on+0x20/0xc0 [ 13.664791] ? __pfx_kthread+0x10/0x10 [ 13.664809] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.664831] ? 
calculate_sigpending+0x7b/0xa0 [ 13.664854] ? __pfx_kthread+0x10/0x10 [ 13.664873] ret_from_fork+0x41/0x80 [ 13.664894] ? __pfx_kthread+0x10/0x10 [ 13.664912] ret_from_fork_asm+0x1a/0x30 [ 13.664952] </TASK> [ 13.664963] [ 13.673292] Allocated by task 284: [ 13.673497] kasan_save_stack+0x45/0x70 [ 13.673742] kasan_save_track+0x18/0x40 [ 13.673945] kasan_save_alloc_info+0x3b/0x50 [ 13.674150] __kasan_kmalloc+0xb7/0xc0 [ 13.674284] __kmalloc_cache_noprof+0x189/0x420 [ 13.674437] kasan_atomics+0x95/0x310 [ 13.674567] kunit_try_run_case+0x1a5/0x480 [ 13.674850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.675123] kthread+0x337/0x6f0 [ 13.675258] ret_from_fork+0x41/0x80 [ 13.675390] ret_from_fork_asm+0x1a/0x30 [ 13.675530] [ 13.675601] The buggy address belongs to the object at ffff888102a0bf80 [ 13.675601] which belongs to the cache kmalloc-64 of size 64 [ 13.676416] The buggy address is located 0 bytes to the right of [ 13.676416] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.677009] [ 13.677174] The buggy address belongs to the physical page: [ 13.677430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.677857] flags: 0x200000000000000(node=0|zone=2) [ 13.678046] page_type: f5(slab) [ 13.678173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.678402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.678625] page dumped because: kasan: bad access detected [ 13.678804] [ 13.678896] Memory state around the buggy address: [ 13.679341] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.679841] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.680109] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.680327] ^ [ 13.680483] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.681057] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.681373] 
================================================================== [ 14.510866] ================================================================== [ 14.512383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.512859] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.513094] [ 14.513186] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.513235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.513248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.513272] Call Trace: [ 14.513293] <TASK> [ 14.513314] dump_stack_lvl+0x73/0xb0 [ 14.513341] print_report+0xd1/0x650 [ 14.513366] ? __virt_addr_valid+0x1db/0x2d0 [ 14.513389] ? kasan_atomics_helper+0x2006/0x5450 [ 14.513413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.513438] ? kasan_atomics_helper+0x2006/0x5450 [ 14.513461] kasan_report+0x141/0x180 [ 14.513485] ? kasan_atomics_helper+0x2006/0x5450 [ 14.513512] kasan_check_range+0x10c/0x1c0 [ 14.513536] __kasan_check_write+0x18/0x20 [ 14.513557] kasan_atomics_helper+0x2006/0x5450 [ 14.513581] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.513604] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.513628] ? kasan_atomics+0x152/0x310 [ 14.513653] kasan_atomics+0x1dc/0x310 [ 14.513673] ? __pfx_kasan_atomics+0x10/0x10 [ 14.513695] ? __pfx_read_tsc+0x10/0x10 [ 14.513716] ? ktime_get_ts64+0x86/0x230 [ 14.513742] kunit_try_run_case+0x1a5/0x480 [ 14.513768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.513817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.513842] ? __kthread_parkme+0x82/0x180 [ 14.513865] ? preempt_count_sub+0x50/0x80 [ 14.513891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.513950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.513974] kthread+0x337/0x6f0 [ 14.513993] ? trace_preempt_on+0x20/0xc0 [ 14.514017] ? 
__pfx_kthread+0x10/0x10 [ 14.514071] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.514095] ? calculate_sigpending+0x7b/0xa0 [ 14.514118] ? __pfx_kthread+0x10/0x10 [ 14.514149] ret_from_fork+0x41/0x80 [ 14.514170] ? __pfx_kthread+0x10/0x10 [ 14.514189] ret_from_fork_asm+0x1a/0x30 [ 14.514247] </TASK> [ 14.514259] [ 14.522654] Allocated by task 284: [ 14.522908] kasan_save_stack+0x45/0x70 [ 14.523134] kasan_save_track+0x18/0x40 [ 14.523340] kasan_save_alloc_info+0x3b/0x50 [ 14.523550] __kasan_kmalloc+0xb7/0xc0 [ 14.523802] __kmalloc_cache_noprof+0x189/0x420 [ 14.524027] kasan_atomics+0x95/0x310 [ 14.524293] kunit_try_run_case+0x1a5/0x480 [ 14.524476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524800] kthread+0x337/0x6f0 [ 14.524993] ret_from_fork+0x41/0x80 [ 14.525154] ret_from_fork_asm+0x1a/0x30 [ 14.525388] [ 14.525526] The buggy address belongs to the object at ffff888102a0bf80 [ 14.525526] which belongs to the cache kmalloc-64 of size 64 [ 14.526166] The buggy address is located 0 bytes to the right of [ 14.526166] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.526714] [ 14.526813] The buggy address belongs to the physical page: [ 14.527092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.527454] flags: 0x200000000000000(node=0|zone=2) [ 14.527912] page_type: f5(slab) [ 14.528059] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.528299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.528616] page dumped because: kasan: bad access detected [ 14.528869] [ 14.529016] Memory state around the buggy address: [ 14.529243] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.529611] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.529930] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.530254] ^ [ 14.530484] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.530900] 
ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.531236] ================================================================== [ 13.397663] ================================================================== [ 13.398465] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.398724] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.399178] [ 13.399331] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.399378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.399392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.399414] Call Trace: [ 13.399434] <TASK> [ 13.399453] dump_stack_lvl+0x73/0xb0 [ 13.399478] print_report+0xd1/0x650 [ 13.399501] ? __virt_addr_valid+0x1db/0x2d0 [ 13.399524] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.399547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.399570] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.399593] kasan_report+0x141/0x180 [ 13.399617] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.399644] __asan_report_load4_noabort+0x18/0x20 [ 13.399666] kasan_atomics_helper+0x4b54/0x5450 [ 13.399690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.399713] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.399736] ? kasan_atomics+0x152/0x310 [ 13.399760] kasan_atomics+0x1dc/0x310 [ 13.399780] ? __pfx_kasan_atomics+0x10/0x10 [ 13.399802] ? __pfx_read_tsc+0x10/0x10 [ 13.399823] ? ktime_get_ts64+0x86/0x230 [ 13.399850] kunit_try_run_case+0x1a5/0x480 [ 13.399876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.399899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.399936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.399961] ? __kthread_parkme+0x82/0x180 [ 13.399984] ? preempt_count_sub+0x50/0x80 [ 13.400011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.400036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.400060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.400083] kthread+0x337/0x6f0 [ 13.400101] ? 
trace_preempt_on+0x20/0xc0 [ 13.400126] ? __pfx_kthread+0x10/0x10 [ 13.400145] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.400167] ? calculate_sigpending+0x7b/0xa0 [ 13.400189] ? __pfx_kthread+0x10/0x10 [ 13.400209] ret_from_fork+0x41/0x80 [ 13.400230] ? __pfx_kthread+0x10/0x10 [ 13.400254] ret_from_fork_asm+0x1a/0x30 [ 13.400286] </TASK> [ 13.400297] [ 13.407735] Allocated by task 284: [ 13.407872] kasan_save_stack+0x45/0x70 [ 13.408030] kasan_save_track+0x18/0x40 [ 13.408227] kasan_save_alloc_info+0x3b/0x50 [ 13.408441] __kasan_kmalloc+0xb7/0xc0 [ 13.408669] __kmalloc_cache_noprof+0x189/0x420 [ 13.408887] kasan_atomics+0x95/0x310 [ 13.409082] kunit_try_run_case+0x1a5/0x480 [ 13.409301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.409526] kthread+0x337/0x6f0 [ 13.409715] ret_from_fork+0x41/0x80 [ 13.409861] ret_from_fork_asm+0x1a/0x30 [ 13.410074] [ 13.410168] The buggy address belongs to the object at ffff888102a0bf80 [ 13.410168] which belongs to the cache kmalloc-64 of size 64 [ 13.410660] The buggy address is located 0 bytes to the right of [ 13.410660] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.411132] [ 13.411228] The buggy address belongs to the physical page: [ 13.411449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.411792] flags: 0x200000000000000(node=0|zone=2) [ 13.411989] page_type: f5(slab) [ 13.412162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.412478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.412797] page dumped because: kasan: bad access detected [ 13.413078] [ 13.413173] Memory state around the buggy address: [ 13.413380] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.413683] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.414047] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.414259] ^ [ 13.414413] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 13.414626] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.414837] ================================================================== [ 14.148968] ================================================================== [ 14.149756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.150579] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.151256] [ 14.151459] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.151521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.151533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.151576] Call Trace: [ 14.151597] <TASK> [ 14.151618] dump_stack_lvl+0x73/0xb0 [ 14.151647] print_report+0xd1/0x650 [ 14.151672] ? __virt_addr_valid+0x1db/0x2d0 [ 14.151694] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.151718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.151741] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.151763] kasan_report+0x141/0x180 [ 14.151787] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.151814] kasan_check_range+0x10c/0x1c0 [ 14.151835] __kasan_check_write+0x18/0x20 [ 14.151856] kasan_atomics_helper+0x16e7/0x5450 [ 14.151880] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.151903] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.151938] ? kasan_atomics+0x152/0x310 [ 14.151963] kasan_atomics+0x1dc/0x310 [ 14.151993] ? __pfx_kasan_atomics+0x10/0x10 [ 14.152015] ? __pfx_read_tsc+0x10/0x10 [ 14.152036] ? ktime_get_ts64+0x86/0x230 [ 14.152073] kunit_try_run_case+0x1a5/0x480 [ 14.152101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.152125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.152150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.152175] ? __kthread_parkme+0x82/0x180 [ 14.152198] ? preempt_count_sub+0x50/0x80 [ 14.152225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.152256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.152280] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.152304] kthread+0x337/0x6f0 [ 14.152321] ? trace_preempt_on+0x20/0xc0 [ 14.152346] ? __pfx_kthread+0x10/0x10 [ 14.152365] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.152387] ? calculate_sigpending+0x7b/0xa0 [ 14.152410] ? __pfx_kthread+0x10/0x10 [ 14.152429] ret_from_fork+0x41/0x80 [ 14.152450] ? __pfx_kthread+0x10/0x10 [ 14.152469] ret_from_fork_asm+0x1a/0x30 [ 14.152501] </TASK> [ 14.152514] [ 14.165557] Allocated by task 284: [ 14.165984] kasan_save_stack+0x45/0x70 [ 14.166145] kasan_save_track+0x18/0x40 [ 14.166376] kasan_save_alloc_info+0x3b/0x50 [ 14.166800] __kasan_kmalloc+0xb7/0xc0 [ 14.167158] __kmalloc_cache_noprof+0x189/0x420 [ 14.167540] kasan_atomics+0x95/0x310 [ 14.167673] kunit_try_run_case+0x1a5/0x480 [ 14.167821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.168006] kthread+0x337/0x6f0 [ 14.168127] ret_from_fork+0x41/0x80 [ 14.168264] ret_from_fork_asm+0x1a/0x30 [ 14.168405] [ 14.168479] The buggy address belongs to the object at ffff888102a0bf80 [ 14.168479] which belongs to the cache kmalloc-64 of size 64 [ 14.169455] The buggy address is located 0 bytes to the right of [ 14.169455] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.170760] [ 14.170932] The buggy address belongs to the physical page: [ 14.171429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.171980] flags: 0x200000000000000(node=0|zone=2) [ 14.172149] page_type: f5(slab) [ 14.172283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.172516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.172790] page dumped because: kasan: bad access detected [ 14.173152] [ 14.173246] Memory state around the buggy address: [ 14.173471] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.173748] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.174054] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.174325] ^ [ 14.174547] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.174881] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.175182] ================================================================== [ 13.832016] ================================================================== [ 13.832407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 13.833651] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.834524] [ 13.834907] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.835048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.835062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.835155] Call Trace: [ 13.835177] <TASK> [ 13.835199] dump_stack_lvl+0x73/0xb0 [ 13.835241] print_report+0xd1/0x650 [ 13.835272] ? __virt_addr_valid+0x1db/0x2d0 [ 13.835295] ? kasan_atomics_helper+0x1079/0x5450 [ 13.835318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.835342] ? kasan_atomics_helper+0x1079/0x5450 [ 13.835366] kasan_report+0x141/0x180 [ 13.835390] ? kasan_atomics_helper+0x1079/0x5450 [ 13.835417] kasan_check_range+0x10c/0x1c0 [ 13.835439] __kasan_check_write+0x18/0x20 [ 13.835459] kasan_atomics_helper+0x1079/0x5450 [ 13.835483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.835506] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.835529] ? kasan_atomics+0x152/0x310 [ 13.835608] kasan_atomics+0x1dc/0x310 [ 13.835632] ? __pfx_kasan_atomics+0x10/0x10 [ 13.835654] ? __pfx_read_tsc+0x10/0x10 [ 13.835674] ? ktime_get_ts64+0x86/0x230 [ 13.835700] kunit_try_run_case+0x1a5/0x480 [ 13.835728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.835751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.835776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.835800] ? __kthread_parkme+0x82/0x180 [ 13.835824] ? preempt_count_sub+0x50/0x80 [ 13.835851] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.835875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.835899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.835933] kthread+0x337/0x6f0 [ 13.835951] ? trace_preempt_on+0x20/0xc0 [ 13.835976] ? __pfx_kthread+0x10/0x10 [ 13.835995] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.836017] ? calculate_sigpending+0x7b/0xa0 [ 13.836039] ? __pfx_kthread+0x10/0x10 [ 13.836058] ret_from_fork+0x41/0x80 [ 13.836079] ? __pfx_kthread+0x10/0x10 [ 13.836098] ret_from_fork_asm+0x1a/0x30 [ 13.836130] </TASK> [ 13.836143] [ 13.847287] Allocated by task 284: [ 13.847482] kasan_save_stack+0x45/0x70 [ 13.848119] kasan_save_track+0x18/0x40 [ 13.848386] kasan_save_alloc_info+0x3b/0x50 [ 13.848775] __kasan_kmalloc+0xb7/0xc0 [ 13.849099] __kmalloc_cache_noprof+0x189/0x420 [ 13.849509] kasan_atomics+0x95/0x310 [ 13.849835] kunit_try_run_case+0x1a5/0x480 [ 13.850046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.850280] kthread+0x337/0x6f0 [ 13.850433] ret_from_fork+0x41/0x80 [ 13.850609] ret_from_fork_asm+0x1a/0x30 [ 13.850793] [ 13.850880] The buggy address belongs to the object at ffff888102a0bf80 [ 13.850880] which belongs to the cache kmalloc-64 of size 64 [ 13.852283] The buggy address is located 0 bytes to the right of [ 13.852283] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.853245] [ 13.853488] The buggy address belongs to the physical page: [ 13.853996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.854349] flags: 0x200000000000000(node=0|zone=2) [ 13.854569] page_type: f5(slab) [ 13.854728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.855049] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.855355] page dumped because: kasan: bad access detected [ 13.855968] [ 13.856186] Memory state around the buggy address: [ 13.856690] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.857152] ffff888102a0bf00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.857844] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.858290] ^ [ 13.858805] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.859404] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.859878] ================================================================== [ 13.588179] ================================================================== [ 13.588478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.588868] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.589178] [ 13.589314] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.589360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.589373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.589396] Call Trace: [ 13.589409] <TASK> [ 13.589436] dump_stack_lvl+0x73/0xb0 [ 13.589462] print_report+0xd1/0x650 [ 13.589486] ? __virt_addr_valid+0x1db/0x2d0 [ 13.589521] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.589543] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.589595] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.589618] kasan_report+0x141/0x180 [ 13.589642] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.589679] kasan_check_range+0x10c/0x1c0 [ 13.589700] __kasan_check_write+0x18/0x20 [ 13.589720] kasan_atomics_helper+0x8f9/0x5450 [ 13.589752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.589776] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.589799] ? kasan_atomics+0x152/0x310 [ 13.589832] kasan_atomics+0x1dc/0x310 [ 13.589851] ? __pfx_kasan_atomics+0x10/0x10 [ 13.589873] ? __pfx_read_tsc+0x10/0x10 [ 13.589894] ? ktime_get_ts64+0x86/0x230 [ 13.589928] kunit_try_run_case+0x1a5/0x480 [ 13.589954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.589977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.590002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.590026] ? __kthread_parkme+0x82/0x180 [ 13.590058] ? 
preempt_count_sub+0x50/0x80 [ 13.590084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.590108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.590142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.590165] kthread+0x337/0x6f0 [ 13.590184] ? trace_preempt_on+0x20/0xc0 [ 13.590208] ? __pfx_kthread+0x10/0x10 [ 13.590227] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.590250] ? calculate_sigpending+0x7b/0xa0 [ 13.590272] ? __pfx_kthread+0x10/0x10 [ 13.590291] ret_from_fork+0x41/0x80 [ 13.590312] ? __pfx_kthread+0x10/0x10 [ 13.590330] ret_from_fork_asm+0x1a/0x30 [ 13.590363] </TASK> [ 13.590374] [ 13.597937] Allocated by task 284: [ 13.598073] kasan_save_stack+0x45/0x70 [ 13.598297] kasan_save_track+0x18/0x40 [ 13.598489] kasan_save_alloc_info+0x3b/0x50 [ 13.598699] __kasan_kmalloc+0xb7/0xc0 [ 13.598835] __kmalloc_cache_noprof+0x189/0x420 [ 13.598996] kasan_atomics+0x95/0x310 [ 13.599146] kunit_try_run_case+0x1a5/0x480 [ 13.599354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.599652] kthread+0x337/0x6f0 [ 13.599818] ret_from_fork+0x41/0x80 [ 13.600020] ret_from_fork_asm+0x1a/0x30 [ 13.600236] [ 13.600335] The buggy address belongs to the object at ffff888102a0bf80 [ 13.600335] which belongs to the cache kmalloc-64 of size 64 [ 13.600855] The buggy address is located 0 bytes to the right of [ 13.600855] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.601333] [ 13.601407] The buggy address belongs to the physical page: [ 13.601609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.601895] flags: 0x200000000000000(node=0|zone=2) [ 13.602148] page_type: f5(slab) [ 13.602320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.602681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.603028] page dumped because: kasan: bad access detected [ 13.603238] [ 13.603307] Memory state around the buggy address: [ 13.603467] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.603810] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.604164] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.604535] ^ [ 13.604755] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.605089] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.605391] ================================================================== [ 13.310641] ================================================================== [ 13.311426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.312469] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.313334] [ 13.313666] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.313720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.313733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.313754] Call Trace: [ 13.313768] <TASK> [ 13.313786] dump_stack_lvl+0x73/0xb0 [ 13.313817] print_report+0xd1/0x650 [ 13.313841] ? __virt_addr_valid+0x1db/0x2d0 [ 13.313864] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.313885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.313908] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.313942] kasan_report+0x141/0x180 [ 13.313965] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.313991] __asan_report_store4_noabort+0x1b/0x30 [ 13.314014] kasan_atomics_helper+0x4ba2/0x5450 [ 13.314038] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.314061] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.314083] ? kasan_atomics+0x152/0x310 [ 13.314106] kasan_atomics+0x1dc/0x310 [ 13.314124] ? __pfx_kasan_atomics+0x10/0x10 [ 13.314145] ? __pfx_read_tsc+0x10/0x10 [ 13.314166] ? ktime_get_ts64+0x86/0x230 [ 13.314191] kunit_try_run_case+0x1a5/0x480 [ 13.314217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314238] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.314263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314287] ? 
__kthread_parkme+0x82/0x180 [ 13.314309] ? preempt_count_sub+0x50/0x80 [ 13.314334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.314404] kthread+0x337/0x6f0 [ 13.314421] ? trace_preempt_on+0x20/0xc0 [ 13.314445] ? __pfx_kthread+0x10/0x10 [ 13.314462] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.314484] ? calculate_sigpending+0x7b/0xa0 [ 13.314505] ? __pfx_kthread+0x10/0x10 [ 13.314523] ret_from_fork+0x41/0x80 [ 13.314544] ? __pfx_kthread+0x10/0x10 [ 13.314698] ret_from_fork_asm+0x1a/0x30 [ 13.314739] </TASK> [ 13.314752] [ 13.327330] Allocated by task 284: [ 13.327548] kasan_save_stack+0x45/0x70 [ 13.327765] kasan_save_track+0x18/0x40 [ 13.327963] kasan_save_alloc_info+0x3b/0x50 [ 13.328140] __kasan_kmalloc+0xb7/0xc0 [ 13.328290] __kmalloc_cache_noprof+0x189/0x420 [ 13.328503] kasan_atomics+0x95/0x310 [ 13.328771] kunit_try_run_case+0x1a5/0x480 [ 13.328928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.329103] kthread+0x337/0x6f0 [ 13.329271] ret_from_fork+0x41/0x80 [ 13.329460] ret_from_fork_asm+0x1a/0x30 [ 13.329819] [ 13.329933] The buggy address belongs to the object at ffff888102a0bf80 [ 13.329933] which belongs to the cache kmalloc-64 of size 64 [ 13.330398] The buggy address is located 0 bytes to the right of [ 13.330398] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.331093] [ 13.331171] The buggy address belongs to the physical page: [ 13.331404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.331726] flags: 0x200000000000000(node=0|zone=2) [ 13.332002] page_type: f5(slab) [ 13.332176] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.332433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.332660] page dumped because: kasan: bad access detected [ 13.332897] [ 13.332998] Memory state around the buggy address: [ 13.333225] 
ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.333539] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.334022] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.334236] ^ [ 13.334403] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.334870] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.335140] ================================================================== [ 14.212446] ================================================================== [ 14.212867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.213544] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.213931] [ 14.214060] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.214107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.214130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.214153] Call Trace: [ 14.214174] <TASK> [ 14.214205] dump_stack_lvl+0x73/0xb0 [ 14.214231] print_report+0xd1/0x650 [ 14.214255] ? __virt_addr_valid+0x1db/0x2d0 [ 14.214279] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.214301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.214325] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.214347] kasan_report+0x141/0x180 [ 14.214372] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.214402] kasan_check_range+0x10c/0x1c0 [ 14.214423] __kasan_check_write+0x18/0x20 [ 14.214445] kasan_atomics_helper+0x18b1/0x5450 [ 14.214468] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.214491] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.214514] ? kasan_atomics+0x152/0x310 [ 14.214540] kasan_atomics+0x1dc/0x310 [ 14.214589] ? __pfx_kasan_atomics+0x10/0x10 [ 14.214611] ? __pfx_read_tsc+0x10/0x10 [ 14.214633] ? ktime_get_ts64+0x86/0x230 [ 14.214671] kunit_try_run_case+0x1a5/0x480 [ 14.214697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.214720] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.214754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.214777] ? __kthread_parkme+0x82/0x180 [ 14.214801] ? preempt_count_sub+0x50/0x80 [ 14.214837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.214861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.214886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.214926] kthread+0x337/0x6f0 [ 14.214945] ? trace_preempt_on+0x20/0xc0 [ 14.214970] ? __pfx_kthread+0x10/0x10 [ 14.214998] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.215020] ? calculate_sigpending+0x7b/0xa0 [ 14.215043] ? __pfx_kthread+0x10/0x10 [ 14.215063] ret_from_fork+0x41/0x80 [ 14.215093] ? __pfx_kthread+0x10/0x10 [ 14.215112] ret_from_fork_asm+0x1a/0x30 [ 14.215144] </TASK> [ 14.215155] [ 14.222824] Allocated by task 284: [ 14.222983] kasan_save_stack+0x45/0x70 [ 14.223138] kasan_save_track+0x18/0x40 [ 14.223274] kasan_save_alloc_info+0x3b/0x50 [ 14.223420] __kasan_kmalloc+0xb7/0xc0 [ 14.223574] __kmalloc_cache_noprof+0x189/0x420 [ 14.223734] kasan_atomics+0x95/0x310 [ 14.223927] kunit_try_run_case+0x1a5/0x480 [ 14.224174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.224461] kthread+0x337/0x6f0 [ 14.224687] ret_from_fork+0x41/0x80 [ 14.224908] ret_from_fork_asm+0x1a/0x30 [ 14.225112] [ 14.225207] The buggy address belongs to the object at ffff888102a0bf80 [ 14.225207] which belongs to the cache kmalloc-64 of size 64 [ 14.225673] The buggy address is located 0 bytes to the right of [ 14.225673] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.226049] [ 14.226148] The buggy address belongs to the physical page: [ 14.226405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.226778] flags: 0x200000000000000(node=0|zone=2) [ 14.227026] page_type: f5(slab) [ 14.227201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.227535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.227828] page dumped because: kasan: bad 
access detected [ 14.228126] [ 14.228219] Memory state around the buggy address: [ 14.228447] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.228781] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.229097] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.229399] ^ [ 14.229634] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.229962] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.230272] ================================================================== [ 14.611996] ================================================================== [ 14.612339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.612863] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.613250] [ 14.613419] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.613468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.613481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.613504] Call Trace: [ 14.613525] <TASK> [ 14.613576] dump_stack_lvl+0x73/0xb0 [ 14.613614] print_report+0xd1/0x650 [ 14.613638] ? __virt_addr_valid+0x1db/0x2d0 [ 14.613672] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.613695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.613719] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.613768] kasan_report+0x141/0x180 [ 14.613793] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.613821] __asan_report_load8_noabort+0x18/0x20 [ 14.613854] kasan_atomics_helper+0x4fa5/0x5450 [ 14.613878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.613935] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.613958] ? kasan_atomics+0x152/0x310 [ 14.613993] kasan_atomics+0x1dc/0x310 [ 14.614014] ? __pfx_kasan_atomics+0x10/0x10 [ 14.614035] ? __pfx_read_tsc+0x10/0x10 [ 14.614083] ? ktime_get_ts64+0x86/0x230 [ 14.614110] kunit_try_run_case+0x1a5/0x480 [ 14.614165] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.614188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.614213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.614237] ? __kthread_parkme+0x82/0x180 [ 14.614260] ? preempt_count_sub+0x50/0x80 [ 14.614287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.614337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.614362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.614413] kthread+0x337/0x6f0 [ 14.614431] ? trace_preempt_on+0x20/0xc0 [ 14.614455] ? __pfx_kthread+0x10/0x10 [ 14.614474] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.614496] ? calculate_sigpending+0x7b/0xa0 [ 14.614519] ? __pfx_kthread+0x10/0x10 [ 14.614538] ret_from_fork+0x41/0x80 [ 14.614577] ? __pfx_kthread+0x10/0x10 [ 14.614604] ret_from_fork_asm+0x1a/0x30 [ 14.614637] </TASK> [ 14.614675] [ 14.622946] Allocated by task 284: [ 14.623142] kasan_save_stack+0x45/0x70 [ 14.623372] kasan_save_track+0x18/0x40 [ 14.623569] kasan_save_alloc_info+0x3b/0x50 [ 14.623786] __kasan_kmalloc+0xb7/0xc0 [ 14.623982] __kmalloc_cache_noprof+0x189/0x420 [ 14.624259] kasan_atomics+0x95/0x310 [ 14.624456] kunit_try_run_case+0x1a5/0x480 [ 14.624794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.626297] kthread+0x337/0x6f0 [ 14.627849] ret_from_fork+0x41/0x80 [ 14.628124] ret_from_fork_asm+0x1a/0x30 [ 14.628275] [ 14.628351] The buggy address belongs to the object at ffff888102a0bf80 [ 14.628351] which belongs to the cache kmalloc-64 of size 64 [ 14.629146] The buggy address is located 0 bytes to the right of [ 14.629146] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.630331] [ 14.630494] The buggy address belongs to the physical page: [ 14.631141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.631781] flags: 0x200000000000000(node=0|zone=2) [ 14.631957] page_type: f5(slab) [ 14.632083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.632322] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.632548] page dumped because: kasan: bad access detected [ 14.633158] [ 14.633315] Memory state around the buggy address: [ 14.633816] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.634467] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.635212] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.635874] ^ [ 14.636343] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.637100] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.637845] ================================================================== [ 14.658675] ================================================================== [ 14.659042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.659370] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.659930] [ 14.660043] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.660091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.660104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.660137] Call Trace: [ 14.660157] <TASK> [ 14.660179] dump_stack_lvl+0x73/0xb0 [ 14.660217] print_report+0xd1/0x650 [ 14.660241] ? __virt_addr_valid+0x1db/0x2d0 [ 14.660273] ? kasan_atomics_helper+0x5115/0x5450 [ 14.660299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.660323] ? kasan_atomics_helper+0x5115/0x5450 [ 14.660347] kasan_report+0x141/0x180 [ 14.660371] ? kasan_atomics_helper+0x5115/0x5450 [ 14.660400] __asan_report_load8_noabort+0x18/0x20 [ 14.660423] kasan_atomics_helper+0x5115/0x5450 [ 14.660447] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.660470] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.660504] ? kasan_atomics+0x152/0x310 [ 14.660528] kasan_atomics+0x1dc/0x310 [ 14.660548] ? __pfx_kasan_atomics+0x10/0x10 [ 14.660581] ? __pfx_read_tsc+0x10/0x10 [ 14.660602] ? 
ktime_get_ts64+0x86/0x230 [ 14.660630] kunit_try_run_case+0x1a5/0x480 [ 14.660655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.660678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.660704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.660740] ? __kthread_parkme+0x82/0x180 [ 14.660763] ? preempt_count_sub+0x50/0x80 [ 14.660790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.660814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.660839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.660863] kthread+0x337/0x6f0 [ 14.660880] ? trace_preempt_on+0x20/0xc0 [ 14.660905] ? __pfx_kthread+0x10/0x10 [ 14.660933] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.660964] ? calculate_sigpending+0x7b/0xa0 [ 14.660987] ? __pfx_kthread+0x10/0x10 [ 14.661006] ret_from_fork+0x41/0x80 [ 14.661038] ? __pfx_kthread+0x10/0x10 [ 14.661057] ret_from_fork_asm+0x1a/0x30 [ 14.661088] </TASK> [ 14.661100] [ 14.668188] Allocated by task 284: [ 14.668413] kasan_save_stack+0x45/0x70 [ 14.668612] kasan_save_track+0x18/0x40 [ 14.668891] kasan_save_alloc_info+0x3b/0x50 [ 14.669083] __kasan_kmalloc+0xb7/0xc0 [ 14.669213] __kmalloc_cache_noprof+0x189/0x420 [ 14.669362] kasan_atomics+0x95/0x310 [ 14.669545] kunit_try_run_case+0x1a5/0x480 [ 14.669756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.670033] kthread+0x337/0x6f0 [ 14.670172] ret_from_fork+0x41/0x80 [ 14.670334] ret_from_fork_asm+0x1a/0x30 [ 14.670540] [ 14.670649] The buggy address belongs to the object at ffff888102a0bf80 [ 14.670649] which belongs to the cache kmalloc-64 of size 64 [ 14.671004] The buggy address is located 0 bytes to the right of [ 14.671004] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.671455] [ 14.671553] The buggy address belongs to the physical page: [ 14.671804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.672168] flags: 0x200000000000000(node=0|zone=2) [ 14.672392] page_type: f5(slab) [ 14.672519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.673150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.673505] page dumped because: kasan: bad access detected [ 14.673761] [ 14.673870] Memory state around the buggy address: [ 14.674045] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.674265] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.674655] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.674980] ^ [ 14.675235] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.675532] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.675858] ================================================================== [ 14.406508] ================================================================== [ 14.407203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.407930] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.408610] [ 14.408790] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.408849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.408861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.408895] Call Trace: [ 14.408925] <TASK> [ 14.408946] dump_stack_lvl+0x73/0xb0 [ 14.408973] print_report+0xd1/0x650 [ 14.408997] ? __virt_addr_valid+0x1db/0x2d0 [ 14.409029] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.409052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.409075] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.409109] kasan_report+0x141/0x180 [ 14.409133] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.409160] kasan_check_range+0x10c/0x1c0 [ 14.409181] __kasan_check_write+0x18/0x20 [ 14.409202] kasan_atomics_helper+0x1d7a/0x5450 [ 14.409225] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.409249] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.409272] ? kasan_atomics+0x152/0x310 [ 14.409296] kasan_atomics+0x1dc/0x310 [ 14.409315] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.409337] ? __pfx_read_tsc+0x10/0x10 [ 14.409358] ? ktime_get_ts64+0x86/0x230 [ 14.409384] kunit_try_run_case+0x1a5/0x480 [ 14.409411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.409458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.409481] ? __kthread_parkme+0x82/0x180 [ 14.409504] ? preempt_count_sub+0x50/0x80 [ 14.409530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.409598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.409622] kthread+0x337/0x6f0 [ 14.409640] ? trace_preempt_on+0x20/0xc0 [ 14.409664] ? __pfx_kthread+0x10/0x10 [ 14.409684] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.409706] ? calculate_sigpending+0x7b/0xa0 [ 14.409729] ? __pfx_kthread+0x10/0x10 [ 14.409747] ret_from_fork+0x41/0x80 [ 14.409769] ? __pfx_kthread+0x10/0x10 [ 14.409788] ret_from_fork_asm+0x1a/0x30 [ 14.409822] </TASK> [ 14.409833] [ 14.421788] Allocated by task 284: [ 14.421956] kasan_save_stack+0x45/0x70 [ 14.422194] kasan_save_track+0x18/0x40 [ 14.422409] kasan_save_alloc_info+0x3b/0x50 [ 14.422616] __kasan_kmalloc+0xb7/0xc0 [ 14.422853] __kmalloc_cache_noprof+0x189/0x420 [ 14.423224] kasan_atomics+0x95/0x310 [ 14.423413] kunit_try_run_case+0x1a5/0x480 [ 14.423594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.423902] kthread+0x337/0x6f0 [ 14.424079] ret_from_fork+0x41/0x80 [ 14.424214] ret_from_fork_asm+0x1a/0x30 [ 14.424360] [ 14.424431] The buggy address belongs to the object at ffff888102a0bf80 [ 14.424431] which belongs to the cache kmalloc-64 of size 64 [ 14.424982] The buggy address is located 0 bytes to the right of [ 14.424982] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.425650] [ 14.425743] The buggy address belongs to the physical page: [ 14.425925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.426230] flags: 0x200000000000000(node=0|zone=2) [ 14.426480] page_type: f5(slab) 
[ 14.426754] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.427117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.427416] page dumped because: kasan: bad access detected [ 14.427725] [ 14.427807] Memory state around the buggy address: [ 14.428041] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.428352] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.428674] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.428888] ^ [ 14.429054] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.429369] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.429681] ================================================================== [ 13.379109] ================================================================== [ 13.379447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.380281] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.380604] [ 13.380699] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.380749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.380761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.380785] Call Trace: [ 13.380804] <TASK> [ 13.380824] dump_stack_lvl+0x73/0xb0 [ 13.380853] print_report+0xd1/0x650 [ 13.380878] ? __virt_addr_valid+0x1db/0x2d0 [ 13.380902] ? kasan_atomics_helper+0x3df/0x5450 [ 13.380950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.380976] ? kasan_atomics_helper+0x3df/0x5450 [ 13.380998] kasan_report+0x141/0x180 [ 13.381022] ? kasan_atomics_helper+0x3df/0x5450 [ 13.381049] kasan_check_range+0x10c/0x1c0 [ 13.381070] __kasan_check_read+0x15/0x20 [ 13.381090] kasan_atomics_helper+0x3df/0x5450 [ 13.381114] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.381137] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.381160] ? 
kasan_atomics+0x152/0x310 [ 13.381184] kasan_atomics+0x1dc/0x310 [ 13.381204] ? __pfx_kasan_atomics+0x10/0x10 [ 13.381225] ? __pfx_read_tsc+0x10/0x10 [ 13.381247] ? ktime_get_ts64+0x86/0x230 [ 13.381272] kunit_try_run_case+0x1a5/0x480 [ 13.381298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.381321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.381346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.381370] ? __kthread_parkme+0x82/0x180 [ 13.381393] ? preempt_count_sub+0x50/0x80 [ 13.381419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.381443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.381467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.381491] kthread+0x337/0x6f0 [ 13.381509] ? trace_preempt_on+0x20/0xc0 [ 13.381533] ? __pfx_kthread+0x10/0x10 [ 13.381553] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.381575] ? calculate_sigpending+0x7b/0xa0 [ 13.381598] ? __pfx_kthread+0x10/0x10 [ 13.381618] ret_from_fork+0x41/0x80 [ 13.381640] ? __pfx_kthread+0x10/0x10 [ 13.381659] ret_from_fork_asm+0x1a/0x30 [ 13.381691] </TASK> [ 13.381703] [ 13.389191] Allocated by task 284: [ 13.389330] kasan_save_stack+0x45/0x70 [ 13.389535] kasan_save_track+0x18/0x40 [ 13.389860] kasan_save_alloc_info+0x3b/0x50 [ 13.390017] __kasan_kmalloc+0xb7/0xc0 [ 13.390150] __kmalloc_cache_noprof+0x189/0x420 [ 13.390409] kasan_atomics+0x95/0x310 [ 13.390627] kunit_try_run_case+0x1a5/0x480 [ 13.390835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.391097] kthread+0x337/0x6f0 [ 13.391267] ret_from_fork+0x41/0x80 [ 13.391398] ret_from_fork_asm+0x1a/0x30 [ 13.391538] [ 13.391613] The buggy address belongs to the object at ffff888102a0bf80 [ 13.391613] which belongs to the cache kmalloc-64 of size 64 [ 13.392356] The buggy address is located 0 bytes to the right of [ 13.392356] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.392757] [ 13.392830] The buggy address belongs to the physical page: [ 13.393012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 
13.393529] flags: 0x200000000000000(node=0|zone=2) [ 13.393779] page_type: f5(slab) [ 13.393963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.394309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.394747] page dumped because: kasan: bad access detected [ 13.394978] [ 13.395063] Memory state around the buggy address: [ 13.395258] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.395475] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.395864] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.396300] ^ [ 13.396482] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.396771] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.397062] ================================================================== [ 13.452532] ================================================================== [ 13.453208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.453528] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.453876] [ 13.454000] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.454047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.454060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.454083] Call Trace: [ 13.454102] <TASK> [ 13.454119] dump_stack_lvl+0x73/0xb0 [ 13.454147] print_report+0xd1/0x650 [ 13.454171] ? __virt_addr_valid+0x1db/0x2d0 [ 13.454193] ? kasan_atomics_helper+0x565/0x5450 [ 13.454215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.454238] ? kasan_atomics_helper+0x565/0x5450 [ 13.454261] kasan_report+0x141/0x180 [ 13.454284] ? kasan_atomics_helper+0x565/0x5450 [ 13.454312] kasan_check_range+0x10c/0x1c0 [ 13.454332] __kasan_check_write+0x18/0x20 [ 13.454353] kasan_atomics_helper+0x565/0x5450 [ 13.454376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.454399] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.454423] ? kasan_atomics+0x152/0x310 [ 13.454446] kasan_atomics+0x1dc/0x310 [ 13.454466] ? __pfx_kasan_atomics+0x10/0x10 [ 13.454487] ? __pfx_read_tsc+0x10/0x10 [ 13.454508] ? ktime_get_ts64+0x86/0x230 [ 13.454534] kunit_try_run_case+0x1a5/0x480 [ 13.454559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.454582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.454608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.454632] ? __kthread_parkme+0x82/0x180 [ 13.454655] ? preempt_count_sub+0x50/0x80 [ 13.454682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.454707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.454731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.454755] kthread+0x337/0x6f0 [ 13.454773] ? trace_preempt_on+0x20/0xc0 [ 13.454797] ? __pfx_kthread+0x10/0x10 [ 13.454816] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.454837] ? calculate_sigpending+0x7b/0xa0 [ 13.454860] ? __pfx_kthread+0x10/0x10 [ 13.454879] ret_from_fork+0x41/0x80 [ 13.454899] ? __pfx_kthread+0x10/0x10 [ 13.454929] ret_from_fork_asm+0x1a/0x30 [ 13.454961] </TASK> [ 13.454972] [ 13.467705] Allocated by task 284: [ 13.467863] kasan_save_stack+0x45/0x70 [ 13.468092] kasan_save_track+0x18/0x40 [ 13.468298] kasan_save_alloc_info+0x3b/0x50 [ 13.468511] __kasan_kmalloc+0xb7/0xc0 [ 13.468701] __kmalloc_cache_noprof+0x189/0x420 [ 13.468910] kasan_atomics+0x95/0x310 [ 13.469100] kunit_try_run_case+0x1a5/0x480 [ 13.469291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.469467] kthread+0x337/0x6f0 [ 13.469600] ret_from_fork+0x41/0x80 [ 13.469782] ret_from_fork_asm+0x1a/0x30 [ 13.469988] [ 13.470077] The buggy address belongs to the object at ffff888102a0bf80 [ 13.470077] which belongs to the cache kmalloc-64 of size 64 [ 13.470437] The buggy address is located 0 bytes to the right of [ 13.470437] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.471380] [ 13.471459] The buggy address belongs to the physical page: [ 13.471634] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.471960] flags: 0x200000000000000(node=0|zone=2) [ 13.472195] page_type: f5(slab) [ 13.472381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.472843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.473162] page dumped because: kasan: bad access detected [ 13.473343] [ 13.473413] Memory state around the buggy address: [ 13.473570] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.473896] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.474231] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.474478] ^ [ 13.474735] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.475024] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.475281] ================================================================== [ 14.230953] ================================================================== [ 14.231309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.231803] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.232167] [ 14.232316] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.232364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.232376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.232398] Call Trace: [ 14.232419] <TASK> [ 14.232439] dump_stack_lvl+0x73/0xb0 [ 14.232467] print_report+0xd1/0x650 [ 14.232490] ? __virt_addr_valid+0x1db/0x2d0 [ 14.232514] ? kasan_atomics_helper+0x194a/0x5450 [ 14.232536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.232581] ? kasan_atomics_helper+0x194a/0x5450 [ 14.232605] kasan_report+0x141/0x180 [ 14.232638] ? kasan_atomics_helper+0x194a/0x5450 [ 14.232665] kasan_check_range+0x10c/0x1c0 [ 14.232686] __kasan_check_write+0x18/0x20 [ 14.232717] kasan_atomics_helper+0x194a/0x5450 [ 14.232741] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.232765] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.232787] ? kasan_atomics+0x152/0x310 [ 14.232820] kasan_atomics+0x1dc/0x310 [ 14.232840] ? __pfx_kasan_atomics+0x10/0x10 [ 14.232861] ? __pfx_read_tsc+0x10/0x10 [ 14.232892] ? ktime_get_ts64+0x86/0x230 [ 14.232927] kunit_try_run_case+0x1a5/0x480 [ 14.232954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.232985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.233010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.233034] ? __kthread_parkme+0x82/0x180 [ 14.233068] ? preempt_count_sub+0x50/0x80 [ 14.233095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.233119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.233151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.233175] kthread+0x337/0x6f0 [ 14.233192] ? trace_preempt_on+0x20/0xc0 [ 14.233227] ? __pfx_kthread+0x10/0x10 [ 14.233245] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.233267] ? calculate_sigpending+0x7b/0xa0 [ 14.233290] ? __pfx_kthread+0x10/0x10 [ 14.233309] ret_from_fork+0x41/0x80 [ 14.233330] ? 
__pfx_kthread+0x10/0x10 [ 14.233348] ret_from_fork_asm+0x1a/0x30 [ 14.233381] </TASK> [ 14.233391] [ 14.240986] Allocated by task 284: [ 14.241192] kasan_save_stack+0x45/0x70 [ 14.241398] kasan_save_track+0x18/0x40 [ 14.241996] kasan_save_alloc_info+0x3b/0x50 [ 14.242228] __kasan_kmalloc+0xb7/0xc0 [ 14.242419] __kmalloc_cache_noprof+0x189/0x420 [ 14.243423] kasan_atomics+0x95/0x310 [ 14.243654] kunit_try_run_case+0x1a5/0x480 [ 14.243866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.244134] kthread+0x337/0x6f0 [ 14.244319] ret_from_fork+0x41/0x80 [ 14.244502] ret_from_fork_asm+0x1a/0x30 [ 14.245150] [ 14.245389] The buggy address belongs to the object at ffff888102a0bf80 [ 14.245389] which belongs to the cache kmalloc-64 of size 64 [ 14.246324] The buggy address is located 0 bytes to the right of [ 14.246324] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.247341] [ 14.247626] The buggy address belongs to the physical page: [ 14.248257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.248873] flags: 0x200000000000000(node=0|zone=2) [ 14.249222] page_type: f5(slab) [ 14.249651] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.250347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.251001] page dumped because: kasan: bad access detected [ 14.251263] [ 14.251356] Memory state around the buggy address: [ 14.251829] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.252279] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.252788] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.253157] ^ [ 14.253336] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.253560] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.253816] ================================================================== [ 14.490503] 
================================================================== [ 14.491317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.491715] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.492104] [ 14.492199] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.492274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.492287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.492311] Call Trace: [ 14.492331] <TASK> [ 14.492353] dump_stack_lvl+0x73/0xb0 [ 14.492379] print_report+0xd1/0x650 [ 14.492404] ? __virt_addr_valid+0x1db/0x2d0 [ 14.492427] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.492449] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.492473] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.492497] kasan_report+0x141/0x180 [ 14.492520] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.492548] __asan_report_load8_noabort+0x18/0x20 [ 14.492584] kasan_atomics_helper+0x4f71/0x5450 [ 14.492608] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.492632] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.492656] ? kasan_atomics+0x152/0x310 [ 14.492680] kasan_atomics+0x1dc/0x310 [ 14.492699] ? __pfx_kasan_atomics+0x10/0x10 [ 14.492730] ? __pfx_read_tsc+0x10/0x10 [ 14.492752] ? ktime_get_ts64+0x86/0x230 [ 14.492814] kunit_try_run_case+0x1a5/0x480 [ 14.492842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.492865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.492901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.492936] ? __kthread_parkme+0x82/0x180 [ 14.492959] ? preempt_count_sub+0x50/0x80 [ 14.492987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.493013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.493037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.493061] kthread+0x337/0x6f0 [ 14.493079] ? trace_preempt_on+0x20/0xc0 [ 14.493104] ? __pfx_kthread+0x10/0x10 [ 14.493123] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.493145] ? calculate_sigpending+0x7b/0xa0 [ 14.493195] ? 
__pfx_kthread+0x10/0x10 [ 14.493215] ret_from_fork+0x41/0x80 [ 14.493237] ? __pfx_kthread+0x10/0x10 [ 14.493256] ret_from_fork_asm+0x1a/0x30 [ 14.493299] </TASK> [ 14.493310] [ 14.502022] Allocated by task 284: [ 14.502222] kasan_save_stack+0x45/0x70 [ 14.502433] kasan_save_track+0x18/0x40 [ 14.502702] kasan_save_alloc_info+0x3b/0x50 [ 14.502922] __kasan_kmalloc+0xb7/0xc0 [ 14.503065] __kmalloc_cache_noprof+0x189/0x420 [ 14.503320] kasan_atomics+0x95/0x310 [ 14.503507] kunit_try_run_case+0x1a5/0x480 [ 14.503734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.504010] kthread+0x337/0x6f0 [ 14.504193] ret_from_fork+0x41/0x80 [ 14.504422] ret_from_fork_asm+0x1a/0x30 [ 14.504643] [ 14.504763] The buggy address belongs to the object at ffff888102a0bf80 [ 14.504763] which belongs to the cache kmalloc-64 of size 64 [ 14.505332] The buggy address is located 0 bytes to the right of [ 14.505332] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.505957] [ 14.506134] The buggy address belongs to the physical page: [ 14.506484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.506951] flags: 0x200000000000000(node=0|zone=2) [ 14.507185] page_type: f5(slab) [ 14.507354] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.507682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.507901] page dumped because: kasan: bad access detected [ 14.508075] [ 14.508141] Memory state around the buggy address: [ 14.508302] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.508783] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.509145] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.509518] ^ [ 14.509766] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.510092] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.510333] 
================================================================== [ 14.080453] ================================================================== [ 14.081428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.081846] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.082201] [ 14.082321] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.082370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.082383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.082406] Call Trace: [ 14.082427] <TASK> [ 14.082448] dump_stack_lvl+0x73/0xb0 [ 14.082475] print_report+0xd1/0x650 [ 14.082500] ? __virt_addr_valid+0x1db/0x2d0 [ 14.082523] ? kasan_atomics_helper+0x151d/0x5450 [ 14.082545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.082568] ? kasan_atomics_helper+0x151d/0x5450 [ 14.082591] kasan_report+0x141/0x180 [ 14.082615] ? kasan_atomics_helper+0x151d/0x5450 [ 14.082642] kasan_check_range+0x10c/0x1c0 [ 14.082664] __kasan_check_write+0x18/0x20 [ 14.082685] kasan_atomics_helper+0x151d/0x5450 [ 14.082709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.082732] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.082758] ? kasan_atomics+0x152/0x310 [ 14.082781] kasan_atomics+0x1dc/0x310 [ 14.082801] ? __pfx_kasan_atomics+0x10/0x10 [ 14.082823] ? __pfx_read_tsc+0x10/0x10 [ 14.082844] ? ktime_get_ts64+0x86/0x230 [ 14.082895] kunit_try_run_case+0x1a5/0x480 [ 14.082932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082956] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.082981] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.083005] ? __kthread_parkme+0x82/0x180 [ 14.083027] ? preempt_count_sub+0x50/0x80 [ 14.083054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.083078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.083102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.083126] kthread+0x337/0x6f0 [ 14.083143] ? trace_preempt_on+0x20/0xc0 [ 14.083167] ? 
__pfx_kthread+0x10/0x10 [ 14.083185] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.083208] ? calculate_sigpending+0x7b/0xa0 [ 14.083230] ? __pfx_kthread+0x10/0x10 [ 14.083249] ret_from_fork+0x41/0x80 [ 14.083270] ? __pfx_kthread+0x10/0x10 [ 14.083289] ret_from_fork_asm+0x1a/0x30 [ 14.083321] </TASK> [ 14.083332] [ 14.091260] Allocated by task 284: [ 14.091451] kasan_save_stack+0x45/0x70 [ 14.091650] kasan_save_track+0x18/0x40 [ 14.091835] kasan_save_alloc_info+0x3b/0x50 [ 14.092049] __kasan_kmalloc+0xb7/0xc0 [ 14.092336] __kmalloc_cache_noprof+0x189/0x420 [ 14.092505] kasan_atomics+0x95/0x310 [ 14.092820] kunit_try_run_case+0x1a5/0x480 [ 14.093070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.093249] kthread+0x337/0x6f0 [ 14.093399] ret_from_fork+0x41/0x80 [ 14.093639] ret_from_fork_asm+0x1a/0x30 [ 14.093830] [ 14.093942] The buggy address belongs to the object at ffff888102a0bf80 [ 14.093942] which belongs to the cache kmalloc-64 of size 64 [ 14.094426] The buggy address is located 0 bytes to the right of [ 14.094426] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.094956] [ 14.095057] The buggy address belongs to the physical page: [ 14.095314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.095692] flags: 0x200000000000000(node=0|zone=2) [ 14.095886] page_type: f5(slab) [ 14.096061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.096396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.096739] page dumped because: kasan: bad access detected [ 14.096972] [ 14.097063] Memory state around the buggy address: [ 14.097273] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.097609] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.097895] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.098208] ^ [ 14.098408] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.098744] 
ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.099052] ================================================================== [ 13.776985] ================================================================== [ 13.777324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 13.777679] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.778120] [ 13.778259] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.778315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.778327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.778349] Call Trace: [ 13.778366] <TASK> [ 13.778385] dump_stack_lvl+0x73/0xb0 [ 13.778410] print_report+0xd1/0x650 [ 13.778433] ? __virt_addr_valid+0x1db/0x2d0 [ 13.778456] ? kasan_atomics_helper+0xf10/0x5450 [ 13.778478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.778501] ? kasan_atomics_helper+0xf10/0x5450 [ 13.778523] kasan_report+0x141/0x180 [ 13.778547] ? kasan_atomics_helper+0xf10/0x5450 [ 13.778586] kasan_check_range+0x10c/0x1c0 [ 13.778607] __kasan_check_write+0x18/0x20 [ 13.778628] kasan_atomics_helper+0xf10/0x5450 [ 13.778651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.778675] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.778698] ? kasan_atomics+0x152/0x310 [ 13.778721] kasan_atomics+0x1dc/0x310 [ 13.778741] ? __pfx_kasan_atomics+0x10/0x10 [ 13.778762] ? __pfx_read_tsc+0x10/0x10 [ 13.778783] ? ktime_get_ts64+0x86/0x230 [ 13.778809] kunit_try_run_case+0x1a5/0x480 [ 13.778834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.778882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.778907] ? __kthread_parkme+0x82/0x180 [ 13.778949] ? preempt_count_sub+0x50/0x80 [ 13.778975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.779033] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.779057] kthread+0x337/0x6f0 [ 13.779075] ? trace_preempt_on+0x20/0xc0 [ 13.779099] ? __pfx_kthread+0x10/0x10 [ 13.779119] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.779141] ? calculate_sigpending+0x7b/0xa0 [ 13.779164] ? __pfx_kthread+0x10/0x10 [ 13.779183] ret_from_fork+0x41/0x80 [ 13.779205] ? __pfx_kthread+0x10/0x10 [ 13.779223] ret_from_fork_asm+0x1a/0x30 [ 13.779255] </TASK> [ 13.779266] [ 13.787072] Allocated by task 284: [ 13.787275] kasan_save_stack+0x45/0x70 [ 13.787459] kasan_save_track+0x18/0x40 [ 13.787663] kasan_save_alloc_info+0x3b/0x50 [ 13.787879] __kasan_kmalloc+0xb7/0xc0 [ 13.788064] __kmalloc_cache_noprof+0x189/0x420 [ 13.788277] kasan_atomics+0x95/0x310 [ 13.788458] kunit_try_run_case+0x1a5/0x480 [ 13.788673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788890] kthread+0x337/0x6f0 [ 13.789021] ret_from_fork+0x41/0x80 [ 13.789162] ret_from_fork_asm+0x1a/0x30 [ 13.789379] [ 13.789473] The buggy address belongs to the object at ffff888102a0bf80 [ 13.789473] which belongs to the cache kmalloc-64 of size 64 [ 13.790132] The buggy address is located 0 bytes to the right of [ 13.790132] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.790711] [ 13.790789] The buggy address belongs to the physical page: [ 13.791032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.791268] flags: 0x200000000000000(node=0|zone=2) [ 13.791430] page_type: f5(slab) [ 13.791551] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.791936] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.792280] page dumped because: kasan: bad access detected [ 13.792529] [ 13.792620] Memory state around the buggy address: [ 13.792857] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793086] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793308] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.793609] ^ [ 13.793868] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.794217] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.794536] ================================================================== [ 14.430318] ================================================================== [ 14.430617] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.431098] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.431412] [ 14.431528] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.431593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.431607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.431632] Call Trace: [ 14.431664] <TASK> [ 14.431685] dump_stack_lvl+0x73/0xb0 [ 14.431711] print_report+0xd1/0x650 [ 14.431735] ? __virt_addr_valid+0x1db/0x2d0 [ 14.431758] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.431780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.431804] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.431827] kasan_report+0x141/0x180 [ 14.431850] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.431885] kasan_check_range+0x10c/0x1c0 [ 14.431906] __kasan_check_write+0x18/0x20 [ 14.431943] kasan_atomics_helper+0x1e12/0x5450 [ 14.431968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.431991] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.432014] ? kasan_atomics+0x152/0x310 [ 14.432038] kasan_atomics+0x1dc/0x310 [ 14.432067] ? __pfx_kasan_atomics+0x10/0x10 [ 14.432088] ? __pfx_read_tsc+0x10/0x10 [ 14.432110] ? ktime_get_ts64+0x86/0x230 [ 14.432146] kunit_try_run_case+0x1a5/0x480 [ 14.432172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.432195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.432229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.432259] ? __kthread_parkme+0x82/0x180 [ 14.432283] ? preempt_count_sub+0x50/0x80 [ 14.432318] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.432342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.432365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.432397] kthread+0x337/0x6f0 [ 14.432414] ? trace_preempt_on+0x20/0xc0 [ 14.432439] ? __pfx_kthread+0x10/0x10 [ 14.432458] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.432491] ? calculate_sigpending+0x7b/0xa0 [ 14.432514] ? __pfx_kthread+0x10/0x10 [ 14.432534] ret_from_fork+0x41/0x80 [ 14.432554] ? __pfx_kthread+0x10/0x10 [ 14.432574] ret_from_fork_asm+0x1a/0x30 [ 14.432615] </TASK> [ 14.432627] [ 14.440350] Allocated by task 284: [ 14.440541] kasan_save_stack+0x45/0x70 [ 14.440792] kasan_save_track+0x18/0x40 [ 14.441034] kasan_save_alloc_info+0x3b/0x50 [ 14.441226] __kasan_kmalloc+0xb7/0xc0 [ 14.441426] __kmalloc_cache_noprof+0x189/0x420 [ 14.441732] kasan_atomics+0x95/0x310 [ 14.441951] kunit_try_run_case+0x1a5/0x480 [ 14.442164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.442364] kthread+0x337/0x6f0 [ 14.442490] ret_from_fork+0x41/0x80 [ 14.442774] ret_from_fork_asm+0x1a/0x30 [ 14.442995] [ 14.443124] The buggy address belongs to the object at ffff888102a0bf80 [ 14.443124] which belongs to the cache kmalloc-64 of size 64 [ 14.443739] The buggy address is located 0 bytes to the right of [ 14.443739] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.444347] [ 14.444446] The buggy address belongs to the physical page: [ 14.444740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.445119] flags: 0x200000000000000(node=0|zone=2) [ 14.445282] page_type: f5(slab) [ 14.445405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.445739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.446152] page dumped because: kasan: bad access detected [ 14.446493] [ 14.446667] Memory state around the buggy address: [ 14.446961] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.447273] ffff888102a0bf00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.447482] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.447826] ^ [ 14.448095] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.448541] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.448948] ================================================================== [ 13.512615] ================================================================== [ 13.513127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.513456] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.513746] [ 13.513859] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.513905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.513929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.513951] Call Trace: [ 13.513970] <TASK> [ 13.513989] dump_stack_lvl+0x73/0xb0 [ 13.514014] print_report+0xd1/0x650 [ 13.514037] ? __virt_addr_valid+0x1db/0x2d0 [ 13.514060] ? kasan_atomics_helper+0x72f/0x5450 [ 13.514082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.514105] ? kasan_atomics_helper+0x72f/0x5450 [ 13.514128] kasan_report+0x141/0x180 [ 13.514151] ? kasan_atomics_helper+0x72f/0x5450 [ 13.514178] kasan_check_range+0x10c/0x1c0 [ 13.514199] __kasan_check_write+0x18/0x20 [ 13.514220] kasan_atomics_helper+0x72f/0x5450 [ 13.514243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.514266] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.514289] ? kasan_atomics+0x152/0x310 [ 13.514312] kasan_atomics+0x1dc/0x310 [ 13.514332] ? __pfx_kasan_atomics+0x10/0x10 [ 13.514353] ? __pfx_read_tsc+0x10/0x10 [ 13.514374] ? ktime_get_ts64+0x86/0x230 [ 13.514399] kunit_try_run_case+0x1a5/0x480 [ 13.514425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.514473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.514498] ? __kthread_parkme+0x82/0x180 [ 13.514521] ? 
preempt_count_sub+0x50/0x80 [ 13.514547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.514596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.514620] kthread+0x337/0x6f0 [ 13.514637] ? trace_preempt_on+0x20/0xc0 [ 13.514661] ? __pfx_kthread+0x10/0x10 [ 13.514680] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.514703] ? calculate_sigpending+0x7b/0xa0 [ 13.514725] ? __pfx_kthread+0x10/0x10 [ 13.514744] ret_from_fork+0x41/0x80 [ 13.514765] ? __pfx_kthread+0x10/0x10 [ 13.514784] ret_from_fork_asm+0x1a/0x30 [ 13.514826] </TASK> [ 13.514837] [ 13.526527] Allocated by task 284: [ 13.526736] kasan_save_stack+0x45/0x70 [ 13.526899] kasan_save_track+0x18/0x40 [ 13.527765] kasan_save_alloc_info+0x3b/0x50 [ 13.528303] __kasan_kmalloc+0xb7/0xc0 [ 13.528778] __kmalloc_cache_noprof+0x189/0x420 [ 13.529338] kasan_atomics+0x95/0x310 [ 13.529822] kunit_try_run_case+0x1a5/0x480 [ 13.530414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.530960] kthread+0x337/0x6f0 [ 13.531576] ret_from_fork+0x41/0x80 [ 13.532051] ret_from_fork_asm+0x1a/0x30 [ 13.532687] [ 13.532773] The buggy address belongs to the object at ffff888102a0bf80 [ 13.532773] which belongs to the cache kmalloc-64 of size 64 [ 13.534199] The buggy address is located 0 bytes to the right of [ 13.534199] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.534964] [ 13.535342] The buggy address belongs to the physical page: [ 13.536102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.536974] flags: 0x200000000000000(node=0|zone=2) [ 13.537153] page_type: f5(slab) [ 13.537282] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.537527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.537764] page dumped because: kasan: bad access detected [ 13.537948] [ 13.538021] Memory state around the buggy address: [ 13.538181] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.538400] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.538617] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.538829] ^ [ 13.539230] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.540084] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.540855] ================================================================== [ 14.062425] ================================================================== [ 14.062857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.063117] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.063344] [ 14.063434] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.063480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.063494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.063516] Call Trace: [ 14.063538] <TASK> [ 14.063558] dump_stack_lvl+0x73/0xb0 [ 14.063583] print_report+0xd1/0x650 [ 14.063606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.063630] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.063652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.063676] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.063699] kasan_report+0x141/0x180 [ 14.063722] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.063750] __asan_report_store8_noabort+0x1b/0x30 [ 14.063772] kasan_atomics_helper+0x50d4/0x5450 [ 14.063796] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.063819] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.063842] ? kasan_atomics+0x152/0x310 [ 14.063866] kasan_atomics+0x1dc/0x310 [ 14.063886] ? __pfx_kasan_atomics+0x10/0x10 [ 14.063907] ? __pfx_read_tsc+0x10/0x10 [ 14.063940] ? ktime_get_ts64+0x86/0x230 [ 14.063966] kunit_try_run_case+0x1a5/0x480 [ 14.063992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.064015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.064040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.064065] ? 
__kthread_parkme+0x82/0x180 [ 14.064088] ? preempt_count_sub+0x50/0x80 [ 14.064114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.064139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.064163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.064187] kthread+0x337/0x6f0 [ 14.064206] ? trace_preempt_on+0x20/0xc0 [ 14.064232] ? __pfx_kthread+0x10/0x10 [ 14.064255] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.064277] ? calculate_sigpending+0x7b/0xa0 [ 14.064300] ? __pfx_kthread+0x10/0x10 [ 14.064319] ret_from_fork+0x41/0x80 [ 14.064340] ? __pfx_kthread+0x10/0x10 [ 14.064358] ret_from_fork_asm+0x1a/0x30 [ 14.064390] </TASK> [ 14.064401] [ 14.072033] Allocated by task 284: [ 14.072359] kasan_save_stack+0x45/0x70 [ 14.072573] kasan_save_track+0x18/0x40 [ 14.072771] kasan_save_alloc_info+0x3b/0x50 [ 14.072989] __kasan_kmalloc+0xb7/0xc0 [ 14.073180] __kmalloc_cache_noprof+0x189/0x420 [ 14.073369] kasan_atomics+0x95/0x310 [ 14.073534] kunit_try_run_case+0x1a5/0x480 [ 14.073717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.073885] kthread+0x337/0x6f0 [ 14.074012] ret_from_fork+0x41/0x80 [ 14.074139] ret_from_fork_asm+0x1a/0x30 [ 14.074277] [ 14.074376] The buggy address belongs to the object at ffff888102a0bf80 [ 14.074376] which belongs to the cache kmalloc-64 of size 64 [ 14.075344] The buggy address is located 0 bytes to the right of [ 14.075344] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.075818] [ 14.075911] The buggy address belongs to the physical page: [ 14.076116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.076357] flags: 0x200000000000000(node=0|zone=2) [ 14.076524] page_type: f5(slab) [ 14.076765] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.077116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.077448] page dumped because: kasan: bad access detected [ 14.077774] [ 14.077842] Memory state around the buggy address: [ 14.078050] 
ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.078368] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.078687] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.078970] ^ [ 14.079150] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.079357] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.079562] ================================================================== [ 14.099951] ================================================================== [ 14.100316] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.100696] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.101172] [ 14.101266] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.101313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.101326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.101350] Call Trace: [ 14.101369] <TASK> [ 14.101389] dump_stack_lvl+0x73/0xb0 [ 14.101414] print_report+0xd1/0x650 [ 14.101439] ? __virt_addr_valid+0x1db/0x2d0 [ 14.101461] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.101483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.101507] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.101530] kasan_report+0x141/0x180 [ 14.101553] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.101593] kasan_check_range+0x10c/0x1c0 [ 14.101614] __kasan_check_write+0x18/0x20 [ 14.101664] kasan_atomics_helper+0x15b6/0x5450 [ 14.101688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.101711] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.101752] ? kasan_atomics+0x152/0x310 [ 14.101777] kasan_atomics+0x1dc/0x310 [ 14.101797] ? __pfx_kasan_atomics+0x10/0x10 [ 14.101835] ? __pfx_read_tsc+0x10/0x10 [ 14.101856] ? ktime_get_ts64+0x86/0x230 [ 14.101882] kunit_try_run_case+0x1a5/0x480 [ 14.101937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.101960] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.101985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.102011] ? __kthread_parkme+0x82/0x180 [ 14.102034] ? preempt_count_sub+0x50/0x80 [ 14.102079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.102104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.102152] kthread+0x337/0x6f0 [ 14.102169] ? trace_preempt_on+0x20/0xc0 [ 14.102194] ? __pfx_kthread+0x10/0x10 [ 14.102230] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.102254] ? calculate_sigpending+0x7b/0xa0 [ 14.102277] ? __pfx_kthread+0x10/0x10 [ 14.102296] ret_from_fork+0x41/0x80 [ 14.102317] ? __pfx_kthread+0x10/0x10 [ 14.102336] ret_from_fork_asm+0x1a/0x30 [ 14.102367] </TASK> [ 14.102378] [ 14.110389] Allocated by task 284: [ 14.110578] kasan_save_stack+0x45/0x70 [ 14.110773] kasan_save_track+0x18/0x40 [ 14.110996] kasan_save_alloc_info+0x3b/0x50 [ 14.111222] __kasan_kmalloc+0xb7/0xc0 [ 14.111405] __kmalloc_cache_noprof+0x189/0x420 [ 14.111607] kasan_atomics+0x95/0x310 [ 14.111757] kunit_try_run_case+0x1a5/0x480 [ 14.111902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.112139] kthread+0x337/0x6f0 [ 14.112331] ret_from_fork+0x41/0x80 [ 14.112533] ret_from_fork_asm+0x1a/0x30 [ 14.112773] [ 14.112913] The buggy address belongs to the object at ffff888102a0bf80 [ 14.112913] which belongs to the cache kmalloc-64 of size 64 [ 14.114239] The buggy address is located 0 bytes to the right of [ 14.114239] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.114690] [ 14.114767] The buggy address belongs to the physical page: [ 14.115024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.115969] flags: 0x200000000000000(node=0|zone=2) [ 14.116222] page_type: f5(slab) [ 14.116396] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.117623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.117935] page dumped because: kasan: bad 
access detected [ 14.118116] [ 14.118188] Memory state around the buggy address: [ 14.118352] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.118579] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.118799] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.119022] ^ [ 14.119179] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.119398] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.119615] ================================================================== [ 13.355459] ================================================================== [ 13.355826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.356257] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.356638] [ 13.356763] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.356810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.356824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.356864] Call Trace: [ 13.356877] <TASK> [ 13.356895] dump_stack_lvl+0x73/0xb0 [ 13.356947] print_report+0xd1/0x650 [ 13.356985] ? __virt_addr_valid+0x1db/0x2d0 [ 13.357034] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.357056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.357080] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.357103] kasan_report+0x141/0x180 [ 13.357125] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.357153] __asan_report_store4_noabort+0x1b/0x30 [ 13.357175] kasan_atomics_helper+0x4b6e/0x5450 [ 13.357199] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.357222] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.357247] ? kasan_atomics+0x152/0x310 [ 13.357271] kasan_atomics+0x1dc/0x310 [ 13.357291] ? __pfx_kasan_atomics+0x10/0x10 [ 13.357313] ? __pfx_read_tsc+0x10/0x10 [ 13.357334] ? ktime_get_ts64+0x86/0x230 [ 13.357360] kunit_try_run_case+0x1a5/0x480 [ 13.357386] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.357408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.357433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.357457] ? __kthread_parkme+0x82/0x180 [ 13.357480] ? preempt_count_sub+0x50/0x80 [ 13.357507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.357531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.357556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.357579] kthread+0x337/0x6f0 [ 13.357597] ? trace_preempt_on+0x20/0xc0 [ 13.357621] ? __pfx_kthread+0x10/0x10 [ 13.357640] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.357662] ? calculate_sigpending+0x7b/0xa0 [ 13.357684] ? __pfx_kthread+0x10/0x10 [ 13.357703] ret_from_fork+0x41/0x80 [ 13.357742] ? __pfx_kthread+0x10/0x10 [ 13.357774] ret_from_fork_asm+0x1a/0x30 [ 13.357819] </TASK> [ 13.357831] [ 13.367128] Allocated by task 284: [ 13.367332] kasan_save_stack+0x45/0x70 [ 13.367807] kasan_save_track+0x18/0x40 [ 13.368035] kasan_save_alloc_info+0x3b/0x50 [ 13.368369] __kasan_kmalloc+0xb7/0xc0 [ 13.368600] __kmalloc_cache_noprof+0x189/0x420 [ 13.368948] kasan_atomics+0x95/0x310 [ 13.369165] kunit_try_run_case+0x1a5/0x480 [ 13.369468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.369836] kthread+0x337/0x6f0 [ 13.369986] ret_from_fork+0x41/0x80 [ 13.370196] ret_from_fork_asm+0x1a/0x30 [ 13.370558] [ 13.370697] The buggy address belongs to the object at ffff888102a0bf80 [ 13.370697] which belongs to the cache kmalloc-64 of size 64 [ 13.371361] The buggy address is located 0 bytes to the right of [ 13.371361] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.372048] [ 13.372297] The buggy address belongs to the physical page: [ 13.372574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.373053] flags: 0x200000000000000(node=0|zone=2) [ 13.373370] page_type: f5(slab) [ 13.373626] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.373982] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.374442] page dumped because: kasan: bad access detected [ 13.374893] [ 13.375029] Memory state around the buggy address: [ 13.375363] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.375710] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.376158] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.376550] ^ [ 13.376795] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.377236] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.377648] ================================================================== [ 14.377878] ================================================================== [ 14.378690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.379638] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.379967] [ 14.380183] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.380232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.380251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.380275] Call Trace: [ 14.380295] <TASK> [ 14.380316] dump_stack_lvl+0x73/0xb0 [ 14.380344] print_report+0xd1/0x650 [ 14.380368] ? __virt_addr_valid+0x1db/0x2d0 [ 14.380392] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.380414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.380438] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.380461] kasan_report+0x141/0x180 [ 14.380485] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.380513] kasan_check_range+0x10c/0x1c0 [ 14.380534] __kasan_check_write+0x18/0x20 [ 14.380577] kasan_atomics_helper+0x1ce1/0x5450 [ 14.380604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.380629] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.380653] ? kasan_atomics+0x152/0x310 [ 14.380678] kasan_atomics+0x1dc/0x310 [ 14.380697] ? __pfx_kasan_atomics+0x10/0x10 [ 14.380745] ? __pfx_read_tsc+0x10/0x10 [ 14.380769] ? 
ktime_get_ts64+0x86/0x230 [ 14.380796] kunit_try_run_case+0x1a5/0x480 [ 14.380833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.380858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.380885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.380908] ? __kthread_parkme+0x82/0x180 [ 14.380941] ? preempt_count_sub+0x50/0x80 [ 14.380976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.381000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.381034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.381058] kthread+0x337/0x6f0 [ 14.381075] ? trace_preempt_on+0x20/0xc0 [ 14.381100] ? __pfx_kthread+0x10/0x10 [ 14.381119] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.381141] ? calculate_sigpending+0x7b/0xa0 [ 14.381163] ? __pfx_kthread+0x10/0x10 [ 14.381182] ret_from_fork+0x41/0x80 [ 14.381203] ? __pfx_kthread+0x10/0x10 [ 14.381222] ret_from_fork_asm+0x1a/0x30 [ 14.381254] </TASK> [ 14.381266] [ 14.393007] Allocated by task 284: [ 14.393364] kasan_save_stack+0x45/0x70 [ 14.393761] kasan_save_track+0x18/0x40 [ 14.394139] kasan_save_alloc_info+0x3b/0x50 [ 14.394545] __kasan_kmalloc+0xb7/0xc0 [ 14.394929] __kmalloc_cache_noprof+0x189/0x420 [ 14.395348] kasan_atomics+0x95/0x310 [ 14.395727] kunit_try_run_case+0x1a5/0x480 [ 14.396128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.396636] kthread+0x337/0x6f0 [ 14.396956] ret_from_fork+0x41/0x80 [ 14.397311] ret_from_fork_asm+0x1a/0x30 [ 14.397712] [ 14.397876] The buggy address belongs to the object at ffff888102a0bf80 [ 14.397876] which belongs to the cache kmalloc-64 of size 64 [ 14.398346] The buggy address is located 0 bytes to the right of [ 14.398346] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.399118] [ 14.399279] The buggy address belongs to the physical page: [ 14.399802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.400502] flags: 0x200000000000000(node=0|zone=2) [ 14.400972] page_type: f5(slab) [ 14.401291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.401524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.402220] page dumped because: kasan: bad access detected [ 14.402739] [ 14.402904] Memory state around the buggy address: [ 14.403295] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.403513] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.404142] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.404796] ^ [ 14.405082] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.405302] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.405517] ================================================================== [ 14.638907] ================================================================== [ 14.639581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.640253] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.640653] [ 14.640746] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.640795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.640808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.640831] Call Trace: [ 14.640851] <TASK> [ 14.640872] dump_stack_lvl+0x73/0xb0 [ 14.640900] print_report+0xd1/0x650 [ 14.640936] ? __virt_addr_valid+0x1db/0x2d0 [ 14.640959] ? kasan_atomics_helper+0x224c/0x5450 [ 14.640981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.641005] ? kasan_atomics_helper+0x224c/0x5450 [ 14.641029] kasan_report+0x141/0x180 [ 14.641053] ? kasan_atomics_helper+0x224c/0x5450 [ 14.641081] kasan_check_range+0x10c/0x1c0 [ 14.641102] __kasan_check_write+0x18/0x20 [ 14.641123] kasan_atomics_helper+0x224c/0x5450 [ 14.641147] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.641170] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.641193] ? kasan_atomics+0x152/0x310 [ 14.641217] kasan_atomics+0x1dc/0x310 [ 14.641237] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.641258] ? __pfx_read_tsc+0x10/0x10 [ 14.641280] ? ktime_get_ts64+0x86/0x230 [ 14.641306] kunit_try_run_case+0x1a5/0x480 [ 14.641332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.641381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.641405] ? __kthread_parkme+0x82/0x180 [ 14.641429] ? preempt_count_sub+0x50/0x80 [ 14.641455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.641503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.641527] kthread+0x337/0x6f0 [ 14.641545] ? trace_preempt_on+0x20/0xc0 [ 14.641569] ? __pfx_kthread+0x10/0x10 [ 14.641588] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.641610] ? calculate_sigpending+0x7b/0xa0 [ 14.641633] ? __pfx_kthread+0x10/0x10 [ 14.641652] ret_from_fork+0x41/0x80 [ 14.641710] ? __pfx_kthread+0x10/0x10 [ 14.641729] ret_from_fork_asm+0x1a/0x30 [ 14.641785] </TASK> [ 14.641797] [ 14.650053] Allocated by task 284: [ 14.650200] kasan_save_stack+0x45/0x70 [ 14.650353] kasan_save_track+0x18/0x40 [ 14.650506] kasan_save_alloc_info+0x3b/0x50 [ 14.650901] __kasan_kmalloc+0xb7/0xc0 [ 14.651148] __kmalloc_cache_noprof+0x189/0x420 [ 14.651405] kasan_atomics+0x95/0x310 [ 14.651577] kunit_try_run_case+0x1a5/0x480 [ 14.651722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.652001] kthread+0x337/0x6f0 [ 14.652213] ret_from_fork+0x41/0x80 [ 14.652402] ret_from_fork_asm+0x1a/0x30 [ 14.652617] [ 14.652693] The buggy address belongs to the object at ffff888102a0bf80 [ 14.652693] which belongs to the cache kmalloc-64 of size 64 [ 14.653051] The buggy address is located 0 bytes to the right of [ 14.653051] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.653595] [ 14.653708] The buggy address belongs to the physical page: [ 14.654035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.654487] flags: 0x200000000000000(node=0|zone=2) [ 14.654970] page_type: f5(slab) 
[ 14.655155] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.655394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.655798] page dumped because: kasan: bad access detected [ 14.656099] [ 14.656206] Memory state around the buggy address: [ 14.656400] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.656718] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.657047] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.657332] ^ [ 14.657484] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.657691] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.658022] ================================================================== [ 14.273277] ================================================================== [ 14.273569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.273954] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.274245] [ 14.274362] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.274411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.274424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.274447] Call Trace: [ 14.274467] <TASK> [ 14.274487] dump_stack_lvl+0x73/0xb0 [ 14.274514] print_report+0xd1/0x650 [ 14.274539] ? __virt_addr_valid+0x1db/0x2d0 [ 14.274564] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.274589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.274615] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.274638] kasan_report+0x141/0x180 [ 14.274663] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.274690] kasan_check_range+0x10c/0x1c0 [ 14.274711] __kasan_check_write+0x18/0x20 [ 14.274732] kasan_atomics_helper+0x1a7f/0x5450 [ 14.274756] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.274779] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.274802] ? 
kasan_atomics+0x152/0x310 [ 14.274827] kasan_atomics+0x1dc/0x310 [ 14.274847] ? __pfx_kasan_atomics+0x10/0x10 [ 14.274868] ? __pfx_read_tsc+0x10/0x10 [ 14.274890] ? ktime_get_ts64+0x86/0x230 [ 14.274927] kunit_try_run_case+0x1a5/0x480 [ 14.274953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.274976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.275001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275025] ? __kthread_parkme+0x82/0x180 [ 14.275048] ? preempt_count_sub+0x50/0x80 [ 14.275074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275147] kthread+0x337/0x6f0 [ 14.275164] ? trace_preempt_on+0x20/0xc0 [ 14.275189] ? __pfx_kthread+0x10/0x10 [ 14.275209] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275234] ? calculate_sigpending+0x7b/0xa0 [ 14.275261] ? __pfx_kthread+0x10/0x10 [ 14.275282] ret_from_fork+0x41/0x80 [ 14.275305] ? __pfx_kthread+0x10/0x10 [ 14.275324] ret_from_fork_asm+0x1a/0x30 [ 14.275357] </TASK> [ 14.275370] [ 14.282986] Allocated by task 284: [ 14.283173] kasan_save_stack+0x45/0x70 [ 14.283325] kasan_save_track+0x18/0x40 [ 14.283520] kasan_save_alloc_info+0x3b/0x50 [ 14.283933] __kasan_kmalloc+0xb7/0xc0 [ 14.284123] __kmalloc_cache_noprof+0x189/0x420 [ 14.284328] kasan_atomics+0x95/0x310 [ 14.284493] kunit_try_run_case+0x1a5/0x480 [ 14.285299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.285870] kthread+0x337/0x6f0 [ 14.286017] ret_from_fork+0x41/0x80 [ 14.286148] ret_from_fork_asm+0x1a/0x30 [ 14.286306] [ 14.286404] The buggy address belongs to the object at ffff888102a0bf80 [ 14.286404] which belongs to the cache kmalloc-64 of size 64 [ 14.287680] The buggy address is located 0 bytes to the right of [ 14.287680] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.288081] [ 14.288162] The buggy address belongs to the physical page: [ 14.288350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 
14.288610] flags: 0x200000000000000(node=0|zone=2) [ 14.288780] page_type: f5(slab) [ 14.288908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.289150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.289379] page dumped because: kasan: bad access detected [ 14.289550] [ 14.289620] Memory state around the buggy address: [ 14.289779] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.290077] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.290399] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.290854] ^ [ 14.291146] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.291532] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.291964] ================================================================== [ 14.591248] ================================================================== [ 14.591731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.592288] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.592517] [ 14.592658] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.592705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.592718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.592740] Call Trace: [ 14.592761] <TASK> [ 14.592781] dump_stack_lvl+0x73/0xb0 [ 14.592845] print_report+0xd1/0x650 [ 14.592870] ? __virt_addr_valid+0x1db/0x2d0 [ 14.592892] ? kasan_atomics_helper+0x218a/0x5450 [ 14.592935] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.592960] ? kasan_atomics_helper+0x218a/0x5450 [ 14.592982] kasan_report+0x141/0x180 [ 14.593005] ? kasan_atomics_helper+0x218a/0x5450 [ 14.593033] kasan_check_range+0x10c/0x1c0 [ 14.593054] __kasan_check_write+0x18/0x20 [ 14.593102] kasan_atomics_helper+0x218a/0x5450 [ 14.593128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.593151] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.593185] ? kasan_atomics+0x152/0x310 [ 14.593208] kasan_atomics+0x1dc/0x310 [ 14.593253] ? __pfx_kasan_atomics+0x10/0x10 [ 14.593275] ? __pfx_read_tsc+0x10/0x10 [ 14.593296] ? ktime_get_ts64+0x86/0x230 [ 14.593333] kunit_try_run_case+0x1a5/0x480 [ 14.593359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.593433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.593457] ? __kthread_parkme+0x82/0x180 [ 14.593490] ? preempt_count_sub+0x50/0x80 [ 14.593517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.593599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.593635] kthread+0x337/0x6f0 [ 14.593653] ? trace_preempt_on+0x20/0xc0 [ 14.593677] ? __pfx_kthread+0x10/0x10 [ 14.593729] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.593753] ? calculate_sigpending+0x7b/0xa0 [ 14.593776] ? __pfx_kthread+0x10/0x10 [ 14.593805] ret_from_fork+0x41/0x80 [ 14.593827] ? __pfx_kthread+0x10/0x10 [ 14.593868] ret_from_fork_asm+0x1a/0x30 [ 14.593900] </TASK> [ 14.593912] [ 14.602432] Allocated by task 284: [ 14.602615] kasan_save_stack+0x45/0x70 [ 14.602825] kasan_save_track+0x18/0x40 [ 14.603047] kasan_save_alloc_info+0x3b/0x50 [ 14.603275] __kasan_kmalloc+0xb7/0xc0 [ 14.603451] __kmalloc_cache_noprof+0x189/0x420 [ 14.603724] kasan_atomics+0x95/0x310 [ 14.603913] kunit_try_run_case+0x1a5/0x480 [ 14.604161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.604435] kthread+0x337/0x6f0 [ 14.604648] ret_from_fork+0x41/0x80 [ 14.604828] ret_from_fork_asm+0x1a/0x30 [ 14.605030] [ 14.605155] The buggy address belongs to the object at ffff888102a0bf80 [ 14.605155] which belongs to the cache kmalloc-64 of size 64 [ 14.605714] The buggy address is located 0 bytes to the right of [ 14.605714] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.606276] [ 14.606411] The buggy address belongs to the physical page: [ 14.606781] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.607118] flags: 0x200000000000000(node=0|zone=2) [ 14.607453] page_type: f5(slab) [ 14.607643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.607911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.608256] page dumped because: kasan: bad access detected [ 14.608542] [ 14.608633] Memory state around the buggy address: [ 14.608962] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609173] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609487] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.610211] ^ [ 14.610449] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.610735] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.611099] ================================================================== [ 13.898642] ================================================================== [ 13.899280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 13.899522] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.899739] [ 13.899856] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.899901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.899934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.899956] Call Trace: [ 13.899974] <TASK> [ 13.899991] dump_stack_lvl+0x73/0xb0 [ 13.900015] print_report+0xd1/0x650 [ 13.900038] ? __virt_addr_valid+0x1db/0x2d0 [ 13.900061] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.900083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.900107] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.900129] kasan_report+0x141/0x180 [ 13.900152] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.900179] __asan_report_load4_noabort+0x18/0x20 [ 13.900201] kasan_atomics_helper+0x4a02/0x5450 [ 13.900224] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.900255] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.900278] ? kasan_atomics+0x152/0x310 [ 13.900302] kasan_atomics+0x1dc/0x310 [ 13.900324] ? __pfx_kasan_atomics+0x10/0x10 [ 13.900346] ? __pfx_read_tsc+0x10/0x10 [ 13.900366] ? ktime_get_ts64+0x86/0x230 [ 13.900392] kunit_try_run_case+0x1a5/0x480 [ 13.900417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.900440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.900464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.900497] ? __kthread_parkme+0x82/0x180 [ 13.900521] ? preempt_count_sub+0x50/0x80 [ 13.900547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.900572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.900595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.900620] kthread+0x337/0x6f0 [ 13.900638] ? trace_preempt_on+0x20/0xc0 [ 13.900663] ? __pfx_kthread+0x10/0x10 [ 13.900692] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.900715] ? calculate_sigpending+0x7b/0xa0 [ 13.900737] ? __pfx_kthread+0x10/0x10 [ 13.900767] ret_from_fork+0x41/0x80 [ 13.900789] ? 
__pfx_kthread+0x10/0x10 [ 13.900807] ret_from_fork_asm+0x1a/0x30 [ 13.900839] </TASK> [ 13.900849] [ 13.908495] Allocated by task 284: [ 13.908699] kasan_save_stack+0x45/0x70 [ 13.908843] kasan_save_track+0x18/0x40 [ 13.909031] kasan_save_alloc_info+0x3b/0x50 [ 13.909238] __kasan_kmalloc+0xb7/0xc0 [ 13.909420] __kmalloc_cache_noprof+0x189/0x420 [ 13.909643] kasan_atomics+0x95/0x310 [ 13.909791] kunit_try_run_case+0x1a5/0x480 [ 13.909945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.910115] kthread+0x337/0x6f0 [ 13.910229] ret_from_fork+0x41/0x80 [ 13.910357] ret_from_fork_asm+0x1a/0x30 [ 13.910490] [ 13.910559] The buggy address belongs to the object at ffff888102a0bf80 [ 13.910559] which belongs to the cache kmalloc-64 of size 64 [ 13.910899] The buggy address is located 0 bytes to the right of [ 13.910899] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.911438] [ 13.911531] The buggy address belongs to the physical page: [ 13.912038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.912409] flags: 0x200000000000000(node=0|zone=2) [ 13.912649] page_type: f5(slab) [ 13.912818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.913246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.913517] page dumped because: kasan: bad access detected [ 13.913905] [ 13.913982] Memory state around the buggy address: [ 13.914133] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.914340] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.914546] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.914861] ^ [ 13.915093] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.915447] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.915953] ================================================================== [ 14.120200] 
================================================================== [ 14.120587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.121308] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.121961] [ 14.122140] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.122188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.122200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.122224] Call Trace: [ 14.122244] <TASK> [ 14.122267] dump_stack_lvl+0x73/0xb0 [ 14.122295] print_report+0xd1/0x650 [ 14.122319] ? __virt_addr_valid+0x1db/0x2d0 [ 14.122343] ? kasan_atomics_helper+0x164f/0x5450 [ 14.122366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.122390] ? kasan_atomics_helper+0x164f/0x5450 [ 14.122414] kasan_report+0x141/0x180 [ 14.122438] ? kasan_atomics_helper+0x164f/0x5450 [ 14.122466] kasan_check_range+0x10c/0x1c0 [ 14.122487] __kasan_check_write+0x18/0x20 [ 14.122508] kasan_atomics_helper+0x164f/0x5450 [ 14.122532] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.122587] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.122610] ? kasan_atomics+0x152/0x310 [ 14.122634] kasan_atomics+0x1dc/0x310 [ 14.122666] ? __pfx_kasan_atomics+0x10/0x10 [ 14.122688] ? __pfx_read_tsc+0x10/0x10 [ 14.122709] ? ktime_get_ts64+0x86/0x230 [ 14.122735] kunit_try_run_case+0x1a5/0x480 [ 14.122761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.122784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.122809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.122834] ? __kthread_parkme+0x82/0x180 [ 14.122857] ? preempt_count_sub+0x50/0x80 [ 14.122883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.122908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.122940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.122964] kthread+0x337/0x6f0 [ 14.122981] ? trace_preempt_on+0x20/0xc0 [ 14.123006] ? __pfx_kthread+0x10/0x10 [ 14.123025] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.123047] ? 
calculate_sigpending+0x7b/0xa0 [ 14.123070] ? __pfx_kthread+0x10/0x10 [ 14.123089] ret_from_fork+0x41/0x80 [ 14.123110] ? __pfx_kthread+0x10/0x10 [ 14.123129] ret_from_fork_asm+0x1a/0x30 [ 14.123161] </TASK> [ 14.123172] [ 14.135945] Allocated by task 284: [ 14.136326] kasan_save_stack+0x45/0x70 [ 14.136740] kasan_save_track+0x18/0x40 [ 14.137054] kasan_save_alloc_info+0x3b/0x50 [ 14.137203] __kasan_kmalloc+0xb7/0xc0 [ 14.137337] __kmalloc_cache_noprof+0x189/0x420 [ 14.137492] kasan_atomics+0x95/0x310 [ 14.137815] kunit_try_run_case+0x1a5/0x480 [ 14.138228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.138720] kthread+0x337/0x6f0 [ 14.139047] ret_from_fork+0x41/0x80 [ 14.139399] ret_from_fork_asm+0x1a/0x30 [ 14.139790] [ 14.139957] The buggy address belongs to the object at ffff888102a0bf80 [ 14.139957] which belongs to the cache kmalloc-64 of size 64 [ 14.141012] The buggy address is located 0 bytes to the right of [ 14.141012] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.141383] [ 14.141458] The buggy address belongs to the physical page: [ 14.141825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.142525] flags: 0x200000000000000(node=0|zone=2) [ 14.143009] page_type: f5(slab) [ 14.143309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.143991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.144672] page dumped because: kasan: bad access detected [ 14.145161] [ 14.145309] Memory state around the buggy address: [ 14.145672] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145892] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.146121] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.146334] ^ [ 14.146493] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.147094] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.147737] 
================================================================== [ 14.322398] ================================================================== [ 14.323112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.323464] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.324028] [ 14.324231] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.324290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.324303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.324326] Call Trace: [ 14.324347] <TASK> [ 14.324368] dump_stack_lvl+0x73/0xb0 [ 14.324396] print_report+0xd1/0x650 [ 14.324432] ? __virt_addr_valid+0x1db/0x2d0 [ 14.324456] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.324478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.324513] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.324536] kasan_report+0x141/0x180 [ 14.324579] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.324606] kasan_check_range+0x10c/0x1c0 [ 14.324627] __kasan_check_write+0x18/0x20 [ 14.324648] kasan_atomics_helper+0x1c18/0x5450 [ 14.324671] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.324694] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.324717] ? kasan_atomics+0x152/0x310 [ 14.324742] kasan_atomics+0x1dc/0x310 [ 14.324761] ? __pfx_kasan_atomics+0x10/0x10 [ 14.324782] ? __pfx_read_tsc+0x10/0x10 [ 14.324804] ? ktime_get_ts64+0x86/0x230 [ 14.324831] kunit_try_run_case+0x1a5/0x480 [ 14.324858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.324882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.324906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.324940] ? __kthread_parkme+0x82/0x180 [ 14.324964] ? preempt_count_sub+0x50/0x80 [ 14.324990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.325036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.325060] kthread+0x337/0x6f0 [ 14.325077] ? trace_preempt_on+0x20/0xc0 [ 14.325102] ? 
__pfx_kthread+0x10/0x10 [ 14.325121] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.325143] ? calculate_sigpending+0x7b/0xa0 [ 14.325166] ? __pfx_kthread+0x10/0x10 [ 14.325185] ret_from_fork+0x41/0x80 [ 14.325208] ? __pfx_kthread+0x10/0x10 [ 14.325226] ret_from_fork_asm+0x1a/0x30 [ 14.325259] </TASK> [ 14.325271] [ 14.336508] Allocated by task 284: [ 14.336652] kasan_save_stack+0x45/0x70 [ 14.336802] kasan_save_track+0x18/0x40 [ 14.336993] kasan_save_alloc_info+0x3b/0x50 [ 14.337358] __kasan_kmalloc+0xb7/0xc0 [ 14.337726] __kmalloc_cache_noprof+0x189/0x420 [ 14.338175] kasan_atomics+0x95/0x310 [ 14.338546] kunit_try_run_case+0x1a5/0x480 [ 14.338963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.339442] kthread+0x337/0x6f0 [ 14.339774] ret_from_fork+0x41/0x80 [ 14.340117] ret_from_fork_asm+0x1a/0x30 [ 14.340497] [ 14.340694] The buggy address belongs to the object at ffff888102a0bf80 [ 14.340694] which belongs to the cache kmalloc-64 of size 64 [ 14.341835] The buggy address is located 0 bytes to the right of [ 14.341835] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.342943] [ 14.343111] The buggy address belongs to the physical page: [ 14.343633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.344320] flags: 0x200000000000000(node=0|zone=2) [ 14.344780] page_type: f5(slab) [ 14.345094] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.345718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.345960] page dumped because: kasan: bad access detected [ 14.346132] [ 14.346200] Memory state around the buggy address: [ 14.346360] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.346637] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.347261] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.347890] ^ [ 14.348331] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.348964] 
ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.349594] ================================================================== [ 13.415795] ================================================================== [ 13.416807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.417100] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.417415] [ 13.417528] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.417575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.417587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.417609] Call Trace: [ 13.417628] <TASK> [ 13.417647] dump_stack_lvl+0x73/0xb0 [ 13.417672] print_report+0xd1/0x650 [ 13.417696] ? __virt_addr_valid+0x1db/0x2d0 [ 13.417718] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.417740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.417763] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.417786] kasan_report+0x141/0x180 [ 13.417809] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.417836] kasan_check_range+0x10c/0x1c0 [ 13.417856] __kasan_check_write+0x18/0x20 [ 13.417878] kasan_atomics_helper+0x4a0/0x5450 [ 13.417902] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.417937] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.417959] ? kasan_atomics+0x152/0x310 [ 13.417983] kasan_atomics+0x1dc/0x310 [ 13.418003] ? __pfx_kasan_atomics+0x10/0x10 [ 13.418024] ? __pfx_read_tsc+0x10/0x10 [ 13.418045] ? ktime_get_ts64+0x86/0x230 [ 13.418072] kunit_try_run_case+0x1a5/0x480 [ 13.418098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.418146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.418171] ? __kthread_parkme+0x82/0x180 [ 13.418194] ? preempt_count_sub+0x50/0x80 [ 13.418221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.418270] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.418294] kthread+0x337/0x6f0 [ 13.418312] ? trace_preempt_on+0x20/0xc0 [ 13.418337] ? __pfx_kthread+0x10/0x10 [ 13.418355] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.418377] ? calculate_sigpending+0x7b/0xa0 [ 13.418400] ? __pfx_kthread+0x10/0x10 [ 13.418420] ret_from_fork+0x41/0x80 [ 13.418441] ? __pfx_kthread+0x10/0x10 [ 13.418459] ret_from_fork_asm+0x1a/0x30 [ 13.418492] </TASK> [ 13.418504] [ 13.425840] Allocated by task 284: [ 13.426037] kasan_save_stack+0x45/0x70 [ 13.426240] kasan_save_track+0x18/0x40 [ 13.426408] kasan_save_alloc_info+0x3b/0x50 [ 13.426556] __kasan_kmalloc+0xb7/0xc0 [ 13.426742] __kmalloc_cache_noprof+0x189/0x420 [ 13.426975] kasan_atomics+0x95/0x310 [ 13.427140] kunit_try_run_case+0x1a5/0x480 [ 13.427287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.427509] kthread+0x337/0x6f0 [ 13.427798] ret_from_fork+0x41/0x80 [ 13.427991] ret_from_fork_asm+0x1a/0x30 [ 13.428164] [ 13.428269] The buggy address belongs to the object at ffff888102a0bf80 [ 13.428269] which belongs to the cache kmalloc-64 of size 64 [ 13.428807] The buggy address is located 0 bytes to the right of [ 13.428807] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.429297] [ 13.429371] The buggy address belongs to the physical page: [ 13.429544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.429908] flags: 0x200000000000000(node=0|zone=2) [ 13.430162] page_type: f5(slab) [ 13.430310] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.430593] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.430954] page dumped because: kasan: bad access detected [ 13.431174] [ 13.431268] Memory state around the buggy address: [ 13.431463] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.431763] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.432022] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.432237] ^ [ 13.432397] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.432642] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.432963] ================================================================== [ 14.175868] ================================================================== [ 14.176202] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.176568] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.176904] [ 14.177029] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.177088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.177101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.177135] Call Trace: [ 14.177155] <TASK> [ 14.177175] dump_stack_lvl+0x73/0xb0 [ 14.177200] print_report+0xd1/0x650 [ 14.177225] ? __virt_addr_valid+0x1db/0x2d0 [ 14.177248] ? kasan_atomics_helper+0x177f/0x5450 [ 14.177281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.177305] ? kasan_atomics_helper+0x177f/0x5450 [ 14.177328] kasan_report+0x141/0x180 [ 14.177362] ? kasan_atomics_helper+0x177f/0x5450 [ 14.177389] kasan_check_range+0x10c/0x1c0 [ 14.177410] __kasan_check_write+0x18/0x20 [ 14.177430] kasan_atomics_helper+0x177f/0x5450 [ 14.177454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.177478] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.177500] ? kasan_atomics+0x152/0x310 [ 14.177524] kasan_atomics+0x1dc/0x310 [ 14.177544] ? __pfx_kasan_atomics+0x10/0x10 [ 14.177576] ? __pfx_read_tsc+0x10/0x10 [ 14.177597] ? ktime_get_ts64+0x86/0x230 [ 14.177623] kunit_try_run_case+0x1a5/0x480 [ 14.177650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.177674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.177700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.177724] ? __kthread_parkme+0x82/0x180 [ 14.177756] ? preempt_count_sub+0x50/0x80 [ 14.177783] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.177807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.177842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.177866] kthread+0x337/0x6f0 [ 14.177884] ? trace_preempt_on+0x20/0xc0 [ 14.177909] ? __pfx_kthread+0x10/0x10 [ 14.177936] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.177959] ? calculate_sigpending+0x7b/0xa0 [ 14.177981] ? __pfx_kthread+0x10/0x10 [ 14.178001] ret_from_fork+0x41/0x80 [ 14.178022] ? __pfx_kthread+0x10/0x10 [ 14.178041] ret_from_fork_asm+0x1a/0x30 [ 14.178073] </TASK> [ 14.178085] [ 14.185930] Allocated by task 284: [ 14.186118] kasan_save_stack+0x45/0x70 [ 14.186334] kasan_save_track+0x18/0x40 [ 14.186513] kasan_save_alloc_info+0x3b/0x50 [ 14.186746] __kasan_kmalloc+0xb7/0xc0 [ 14.186940] __kmalloc_cache_noprof+0x189/0x420 [ 14.187151] kasan_atomics+0x95/0x310 [ 14.187282] kunit_try_run_case+0x1a5/0x480 [ 14.187429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.187737] kthread+0x337/0x6f0 [ 14.187905] ret_from_fork+0x41/0x80 [ 14.188101] ret_from_fork_asm+0x1a/0x30 [ 14.188301] [ 14.188396] The buggy address belongs to the object at ffff888102a0bf80 [ 14.188396] which belongs to the cache kmalloc-64 of size 64 [ 14.188884] The buggy address is located 0 bytes to the right of [ 14.188884] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.189429] [ 14.189544] The buggy address belongs to the physical page: [ 14.189789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.190169] flags: 0x200000000000000(node=0|zone=2) [ 14.190339] page_type: f5(slab) [ 14.190466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.190704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.191020] page dumped because: kasan: bad access detected [ 14.191324] [ 14.191430] Memory state around the buggy address: [ 14.191676] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.192019] ffff888102a0bf00: 
__pfx_kthread+0x10/0x10 [ 13.646404] ret_from_fork_asm+0x1a/0x30 [ 13.646435] </TASK> [ 13.646446] [ 13.654302] Allocated by task 284: [ 13.654501] kasan_save_stack+0x45/0x70 [ 13.654794] kasan_save_track+0x18/0x40 [ 13.654966] kasan_save_alloc_info+0x3b/0x50 [ 13.655189] __kasan_kmalloc+0xb7/0xc0 [ 13.655339] __kmalloc_cache_noprof+0x189/0x420 [ 13.655578] kasan_atomics+0x95/0x310 [ 13.655722] kunit_try_run_case+0x1a5/0x480 [ 13.655946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.656167] kthread+0x337/0x6f0 [ 13.656350] ret_from_fork+0x41/0x80 [ 13.656528] ret_from_fork_asm+0x1a/0x30 [ 13.656711] [ 13.656787] The buggy address belongs to the object at ffff888102a0bf80 [ 13.656787] which belongs to the cache kmalloc-64 of size 64 [ 13.657169] The buggy address is located 0 bytes to the right of [ 13.657169] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.657549] [ 13.657643] The buggy address belongs to the physical page: [ 13.658012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.658378] flags: 0x200000000000000(node=0|zone=2) [ 13.658630] page_type: f5(slab) [ 13.658800] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.659347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.659573] page dumped because: kasan: bad access detected [ 13.659742] [ 13.659809] Memory state around the buggy address: [ 13.659972] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.660186] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.660852] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.661181] ^ [ 13.661429] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.661751] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.662090] ================================================================== [ 13.606113] 
================================================================== [ 13.607057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.607421] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.607775] [ 13.607892] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.607948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.607961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.607985] Call Trace: [ 13.608004] <TASK> [ 13.608024] dump_stack_lvl+0x73/0xb0 [ 13.608050] print_report+0xd1/0x650 [ 13.608074] ? __virt_addr_valid+0x1db/0x2d0 [ 13.608097] ? kasan_atomics_helper+0x992/0x5450 [ 13.608119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.608142] ? kasan_atomics_helper+0x992/0x5450 [ 13.608165] kasan_report+0x141/0x180 [ 13.608199] ? kasan_atomics_helper+0x992/0x5450 [ 13.608226] kasan_check_range+0x10c/0x1c0 [ 13.608253] __kasan_check_write+0x18/0x20 [ 13.608284] kasan_atomics_helper+0x992/0x5450 [ 13.608308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.608331] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.608354] ? kasan_atomics+0x152/0x310 [ 13.608379] kasan_atomics+0x1dc/0x310 [ 13.608398] ? __pfx_kasan_atomics+0x10/0x10 [ 13.608420] ? __pfx_read_tsc+0x10/0x10 [ 13.608442] ? ktime_get_ts64+0x86/0x230 [ 13.608467] kunit_try_run_case+0x1a5/0x480 [ 13.608494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.608516] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.608541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.608584] ? __kthread_parkme+0x82/0x180 [ 13.608607] ? preempt_count_sub+0x50/0x80 [ 13.608634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.608658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.608682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.608706] kthread+0x337/0x6f0 [ 13.608724] ? trace_preempt_on+0x20/0xc0 [ 13.608748] ? __pfx_kthread+0x10/0x10 [ 13.608767] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.608789] ? 
calculate_sigpending+0x7b/0xa0 [ 13.608812] ? __pfx_kthread+0x10/0x10 [ 13.608830] ret_from_fork+0x41/0x80 [ 13.608852] ? __pfx_kthread+0x10/0x10 [ 13.608871] ret_from_fork_asm+0x1a/0x30 [ 13.608902] </TASK> [ 13.608912] [ 13.616994] Allocated by task 284: [ 13.617198] kasan_save_stack+0x45/0x70 [ 13.617409] kasan_save_track+0x18/0x40 [ 13.617591] kasan_save_alloc_info+0x3b/0x50 [ 13.617785] __kasan_kmalloc+0xb7/0xc0 [ 13.617969] __kmalloc_cache_noprof+0x189/0x420 [ 13.618196] kasan_atomics+0x95/0x310 [ 13.618392] kunit_try_run_case+0x1a5/0x480 [ 13.618617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.618862] kthread+0x337/0x6f0 [ 13.619011] ret_from_fork+0x41/0x80 [ 13.619144] ret_from_fork_asm+0x1a/0x30 [ 13.619285] [ 13.619356] The buggy address belongs to the object at ffff888102a0bf80 [ 13.619356] which belongs to the cache kmalloc-64 of size 64 [ 13.620078] The buggy address is located 0 bytes to the right of [ 13.620078] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.620455] [ 13.620528] The buggy address belongs to the physical page: [ 13.620839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.621236] flags: 0x200000000000000(node=0|zone=2) [ 13.621506] page_type: f5(slab) [ 13.621713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.622064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.622292] page dumped because: kasan: bad access detected [ 13.622567] [ 13.622659] Memory state around the buggy address: [ 13.622883] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.623168] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.623384] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.624071] ^ [ 13.624239] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.624613] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.624868] 
================================================================== [ 13.701779] ================================================================== [ 13.702120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 13.702407] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.702767] [ 13.702880] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.702936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.702949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.702970] Call Trace: [ 13.702989] <TASK> [ 13.703007] dump_stack_lvl+0x73/0xb0 [ 13.703033] print_report+0xd1/0x650 [ 13.703056] ? __virt_addr_valid+0x1db/0x2d0 [ 13.703079] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.703118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.703151] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.703174] kasan_report+0x141/0x180 [ 13.703197] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.703235] __asan_report_load4_noabort+0x18/0x20 [ 13.703257] kasan_atomics_helper+0x4a84/0x5450 [ 13.703281] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.703304] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.703327] ? kasan_atomics+0x152/0x310 [ 13.703351] kasan_atomics+0x1dc/0x310 [ 13.703370] ? __pfx_kasan_atomics+0x10/0x10 [ 13.703392] ? __pfx_read_tsc+0x10/0x10 [ 13.703413] ? ktime_get_ts64+0x86/0x230 [ 13.703438] kunit_try_run_case+0x1a5/0x480 [ 13.703473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.703496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.703521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.703575] ? __kthread_parkme+0x82/0x180 [ 13.703599] ? preempt_count_sub+0x50/0x80 [ 13.703625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.703658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.703682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.703706] kthread+0x337/0x6f0 [ 13.703724] ? trace_preempt_on+0x20/0xc0 [ 13.703747] ? __pfx_kthread+0x10/0x10 [ 13.703767] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.703789] ? calculate_sigpending+0x7b/0xa0 [ 13.703820] ? __pfx_kthread+0x10/0x10 [ 13.703839] ret_from_fork+0x41/0x80 [ 13.703860] ? __pfx_kthread+0x10/0x10 [ 13.703879] ret_from_fork_asm+0x1a/0x30 [ 13.703929] </TASK> [ 13.703940] [ 13.711622] Allocated by task 284: [ 13.711832] kasan_save_stack+0x45/0x70 [ 13.712068] kasan_save_track+0x18/0x40 [ 13.712244] kasan_save_alloc_info+0x3b/0x50 [ 13.712463] __kasan_kmalloc+0xb7/0xc0 [ 13.712712] __kmalloc_cache_noprof+0x189/0x420 [ 13.712941] kasan_atomics+0x95/0x310 [ 13.713073] kunit_try_run_case+0x1a5/0x480 [ 13.713219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.713445] kthread+0x337/0x6f0 [ 13.713626] ret_from_fork+0x41/0x80 [ 13.713807] ret_from_fork_asm+0x1a/0x30 [ 13.714211] [ 13.714288] The buggy address belongs to the object at ffff888102a0bf80 [ 13.714288] which belongs to the cache kmalloc-64 of size 64 [ 13.714710] The buggy address is located 0 bytes to the right of [ 13.714710] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.715405] [ 13.715512] The buggy address belongs to the physical page: [ 13.715725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.716111] flags: 0x200000000000000(node=0|zone=2) [ 13.716356] page_type: f5(slab) [ 13.716527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.716886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.717219] page dumped because: kasan: bad access detected [ 13.717404] [ 13.717473] Memory state around the buggy address: [ 13.717630] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.717847] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.718315] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.718735] ^ [ 13.718966] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.719243] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc fc [ 13.719457] ================================================================== [ 13.813537] ================================================================== [ 13.814076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 13.814434] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.814777] [ 13.814904] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.814967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.814980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.815014] Call Trace: [ 13.815034] <TASK> [ 13.815054] dump_stack_lvl+0x73/0xb0 [ 13.815089] print_report+0xd1/0x650 [ 13.815112] ? __virt_addr_valid+0x1db/0x2d0 [ 13.815134] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.815168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.815192] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.815216] kasan_report+0x141/0x180 [ 13.815248] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.815276] __asan_report_load4_noabort+0x18/0x20 [ 13.815297] kasan_atomics_helper+0x4a36/0x5450 [ 13.815331] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.815355] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.815377] ? kasan_atomics+0x152/0x310 [ 13.815410] kasan_atomics+0x1dc/0x310 [ 13.815431] ? __pfx_kasan_atomics+0x10/0x10 [ 13.815453] ? __pfx_read_tsc+0x10/0x10 [ 13.815485] ? ktime_get_ts64+0x86/0x230 [ 13.815512] kunit_try_run_case+0x1a5/0x480 [ 13.815545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.815588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.815623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.815648] ? __kthread_parkme+0x82/0x180 [ 13.815670] ? preempt_count_sub+0x50/0x80 [ 13.815697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.815722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.815746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.815769] kthread+0x337/0x6f0 [ 13.815787] ? trace_preempt_on+0x20/0xc0 [ 13.815811] ? 
__pfx_kthread+0x10/0x10 [ 13.815830] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.815852] ? calculate_sigpending+0x7b/0xa0 [ 13.815874] ? __pfx_kthread+0x10/0x10 [ 13.815894] ret_from_fork+0x41/0x80 [ 13.815923] ? __pfx_kthread+0x10/0x10 [ 13.815942] ret_from_fork_asm+0x1a/0x30 [ 13.815974] </TASK> [ 13.815985] [ 13.823482] Allocated by task 284: [ 13.823673] kasan_save_stack+0x45/0x70 [ 13.823827] kasan_save_track+0x18/0x40 [ 13.823974] kasan_save_alloc_info+0x3b/0x50 [ 13.824131] __kasan_kmalloc+0xb7/0xc0 [ 13.824358] __kmalloc_cache_noprof+0x189/0x420 [ 13.824638] kasan_atomics+0x95/0x310 [ 13.824859] kunit_try_run_case+0x1a5/0x480 [ 13.825107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.825365] kthread+0x337/0x6f0 [ 13.825527] ret_from_fork+0x41/0x80 [ 13.825706] ret_from_fork_asm+0x1a/0x30 [ 13.825941] [ 13.826037] The buggy address belongs to the object at ffff888102a0bf80 [ 13.826037] which belongs to the cache kmalloc-64 of size 64 [ 13.826574] The buggy address is located 0 bytes to the right of [ 13.826574] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.827098] [ 13.827199] The buggy address belongs to the physical page: [ 13.827432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.827801] flags: 0x200000000000000(node=0|zone=2) [ 13.828049] page_type: f5(slab) [ 13.828220] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.828546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.828931] page dumped because: kasan: bad access detected [ 13.829139] [ 13.829212] Memory state around the buggy address: [ 13.829370] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.829732] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.830025] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.830238] ^ [ 13.830448] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.830791] 
ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.831142] ================================================================== [ 13.861294] ================================================================== [ 13.861833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 13.862521] Read of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.862828] [ 13.862953] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.863004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.863019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.863043] Call Trace: [ 13.863065] <TASK> [ 13.863087] dump_stack_lvl+0x73/0xb0 [ 13.863116] print_report+0xd1/0x650 [ 13.863140] ? __virt_addr_valid+0x1db/0x2d0 [ 13.863164] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.863187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.863210] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.863233] kasan_report+0x141/0x180 [ 13.863256] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.863283] __asan_report_load4_noabort+0x18/0x20 [ 13.863305] kasan_atomics_helper+0x4a1c/0x5450 [ 13.863329] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.863353] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.863376] ? kasan_atomics+0x152/0x310 [ 13.863400] kasan_atomics+0x1dc/0x310 [ 13.863420] ? __pfx_kasan_atomics+0x10/0x10 [ 13.863441] ? __pfx_read_tsc+0x10/0x10 [ 13.863463] ? ktime_get_ts64+0x86/0x230 [ 13.863489] kunit_try_run_case+0x1a5/0x480 [ 13.863516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.863539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.863565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.863590] ? __kthread_parkme+0x82/0x180 [ 13.863613] ? preempt_count_sub+0x50/0x80 [ 13.863639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.863663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.863688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.863711] kthread+0x337/0x6f0 [ 13.863730] ? 
trace_preempt_on+0x20/0xc0 [ 13.863754] ? __pfx_kthread+0x10/0x10 [ 13.863773] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.863795] ? calculate_sigpending+0x7b/0xa0 [ 13.863831] ? __pfx_kthread+0x10/0x10 [ 13.863850] ret_from_fork+0x41/0x80 [ 13.863871] ? __pfx_kthread+0x10/0x10 [ 13.863890] ret_from_fork_asm+0x1a/0x30 [ 13.863944] </TASK> [ 13.863955] [ 13.871420] Allocated by task 284: [ 13.871700] kasan_save_stack+0x45/0x70 [ 13.871908] kasan_save_track+0x18/0x40 [ 13.872105] kasan_save_alloc_info+0x3b/0x50 [ 13.872321] __kasan_kmalloc+0xb7/0xc0 [ 13.872509] __kmalloc_cache_noprof+0x189/0x420 [ 13.872816] kasan_atomics+0x95/0x310 [ 13.873005] kunit_try_run_case+0x1a5/0x480 [ 13.873203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.873439] kthread+0x337/0x6f0 [ 13.873623] ret_from_fork+0x41/0x80 [ 13.873802] ret_from_fork_asm+0x1a/0x30 [ 13.873977] [ 13.874101] The buggy address belongs to the object at ffff888102a0bf80 [ 13.874101] which belongs to the cache kmalloc-64 of size 64 [ 13.874583] The buggy address is located 0 bytes to the right of [ 13.874583] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.875116] [ 13.875214] The buggy address belongs to the physical page: [ 13.875412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.875795] flags: 0x200000000000000(node=0|zone=2) [ 13.876046] page_type: f5(slab) [ 13.876223] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.876556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.876823] page dumped because: kasan: bad access detected [ 13.877019] [ 13.877113] Memory state around the buggy address: [ 13.877380] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.877849] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.878167] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.878419] ^ [ 13.878682] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 13.879019] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.879328] ================================================================== [ 13.916796] ================================================================== [ 13.917075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 13.917314] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.917560] [ 13.917674] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.917720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.917732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.917755] Call Trace: [ 13.917775] <TASK> [ 13.917795] dump_stack_lvl+0x73/0xb0 [ 13.917821] print_report+0xd1/0x650 [ 13.917844] ? __virt_addr_valid+0x1db/0x2d0 [ 13.917866] ? kasan_atomics_helper+0x1217/0x5450 [ 13.917888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.917912] ? kasan_atomics_helper+0x1217/0x5450 [ 13.918132] kasan_report+0x141/0x180 [ 13.918157] ? kasan_atomics_helper+0x1217/0x5450 [ 13.918198] kasan_check_range+0x10c/0x1c0 [ 13.918219] __kasan_check_write+0x18/0x20 [ 13.918240] kasan_atomics_helper+0x1217/0x5450 [ 13.918263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.918288] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.918311] ? kasan_atomics+0x152/0x310 [ 13.918335] kasan_atomics+0x1dc/0x310 [ 13.918355] ? __pfx_kasan_atomics+0x10/0x10 [ 13.918376] ? __pfx_read_tsc+0x10/0x10 [ 13.918397] ? ktime_get_ts64+0x86/0x230 [ 13.918423] kunit_try_run_case+0x1a5/0x480 [ 13.918449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.918471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.918496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.918520] ? __kthread_parkme+0x82/0x180 [ 13.918542] ? preempt_count_sub+0x50/0x80 [ 13.918578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.918602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.918626] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.918650] kthread+0x337/0x6f0 [ 13.918667] ? trace_preempt_on+0x20/0xc0 [ 13.918691] ? __pfx_kthread+0x10/0x10 [ 13.918710] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.918732] ? calculate_sigpending+0x7b/0xa0 [ 13.918754] ? __pfx_kthread+0x10/0x10 [ 13.918774] ret_from_fork+0x41/0x80 [ 13.918795] ? __pfx_kthread+0x10/0x10 [ 13.918823] ret_from_fork_asm+0x1a/0x30 [ 13.918855] </TASK> [ 13.918866] [ 13.927675] Allocated by task 284: [ 13.928021] kasan_save_stack+0x45/0x70 [ 13.928312] kasan_save_track+0x18/0x40 [ 13.928622] kasan_save_alloc_info+0x3b/0x50 [ 13.928781] __kasan_kmalloc+0xb7/0xc0 [ 13.929020] __kmalloc_cache_noprof+0x189/0x420 [ 13.929464] kasan_atomics+0x95/0x310 [ 13.929871] kunit_try_run_case+0x1a5/0x480 [ 13.930078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.930538] kthread+0x337/0x6f0 [ 13.930883] ret_from_fork+0x41/0x80 [ 13.931208] ret_from_fork_asm+0x1a/0x30 [ 13.931351] [ 13.931423] The buggy address belongs to the object at ffff888102a0bf80 [ 13.931423] which belongs to the cache kmalloc-64 of size 64 [ 13.932280] The buggy address is located 0 bytes to the right of [ 13.932280] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.933365] [ 13.933534] The buggy address belongs to the physical page: [ 13.934048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.934488] flags: 0x200000000000000(node=0|zone=2) [ 13.934690] page_type: f5(slab) [ 13.935019] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.935482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.935869] page dumped because: kasan: bad access detected [ 13.936268] [ 13.936339] Memory state around the buggy address: [ 13.936497] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.936866] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.937330] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.937545] ^ [ 13.938011] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.938633] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.939267] ================================================================== [ 14.002978] ================================================================== [ 14.003307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.003780] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.004087] [ 14.004211] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.004266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.004279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.004302] Call Trace: [ 14.004323] <TASK> [ 14.004343] dump_stack_lvl+0x73/0xb0 [ 14.004370] print_report+0xd1/0x650 [ 14.004395] ? __virt_addr_valid+0x1db/0x2d0 [ 14.004420] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.004442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.004466] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.004489] kasan_report+0x141/0x180 [ 14.004512] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.004540] kasan_check_range+0x10c/0x1c0 [ 14.004561] __kasan_check_read+0x15/0x20 [ 14.004581] kasan_atomics_helper+0x13b5/0x5450 [ 14.004605] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.004628] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.004651] ? kasan_atomics+0x152/0x310 [ 14.004675] kasan_atomics+0x1dc/0x310 [ 14.004695] ? __pfx_kasan_atomics+0x10/0x10 [ 14.004716] ? __pfx_read_tsc+0x10/0x10 [ 14.004737] ? ktime_get_ts64+0x86/0x230 [ 14.005182] kunit_try_run_case+0x1a5/0x480 [ 14.005218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.005242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.005268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.005292] ? __kthread_parkme+0x82/0x180 [ 14.005316] ? preempt_count_sub+0x50/0x80 [ 14.005342] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.005366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.005391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.005414] kthread+0x337/0x6f0 [ 14.005432] ? trace_preempt_on+0x20/0xc0 [ 14.005456] ? __pfx_kthread+0x10/0x10 [ 14.005474] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.005496] ? calculate_sigpending+0x7b/0xa0 [ 14.005519] ? __pfx_kthread+0x10/0x10 [ 14.005538] ret_from_fork+0x41/0x80 [ 14.005574] ? __pfx_kthread+0x10/0x10 [ 14.005593] ret_from_fork_asm+0x1a/0x30 [ 14.005625] </TASK> [ 14.005637] [ 14.015319] Allocated by task 284: [ 14.015589] kasan_save_stack+0x45/0x70 [ 14.015864] kasan_save_track+0x18/0x40 [ 14.016074] kasan_save_alloc_info+0x3b/0x50 [ 14.016368] __kasan_kmalloc+0xb7/0xc0 [ 14.016561] __kmalloc_cache_noprof+0x189/0x420 [ 14.016903] kasan_atomics+0x95/0x310 [ 14.017178] kunit_try_run_case+0x1a5/0x480 [ 14.017374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.017750] kthread+0x337/0x6f0 [ 14.017897] ret_from_fork+0x41/0x80 [ 14.018105] ret_from_fork_asm+0x1a/0x30 [ 14.018447] [ 14.018552] The buggy address belongs to the object at ffff888102a0bf80 [ 14.018552] which belongs to the cache kmalloc-64 of size 64 [ 14.019167] The buggy address is located 0 bytes to the right of [ 14.019167] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.019846] [ 14.020048] The buggy address belongs to the physical page: [ 14.020303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.020784] flags: 0x200000000000000(node=0|zone=2) [ 14.021092] page_type: f5(slab) [ 14.021241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.021658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.022061] page dumped because: kasan: bad access detected [ 14.022324] [ 14.022413] Memory state around the buggy address: [ 14.022641] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.023197] ffff888102a0bf00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.023604] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.023880] ^ [ 14.024265] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.024685] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.025007] ================================================================== [ 14.026072] ================================================================== [ 14.026392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.026888] Read of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.027137] [ 14.027254] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.027301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.027314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.027339] Call Trace: [ 14.027359] <TASK> [ 14.027379] dump_stack_lvl+0x73/0xb0 [ 14.027406] print_report+0xd1/0x650 [ 14.027430] ? __virt_addr_valid+0x1db/0x2d0 [ 14.027453] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.027476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.027500] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.027522] kasan_report+0x141/0x180 [ 14.027546] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.027573] __asan_report_load8_noabort+0x18/0x20 [ 14.027594] kasan_atomics_helper+0x4eae/0x5450 [ 14.027620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.027642] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.027666] ? kasan_atomics+0x152/0x310 [ 14.027690] kasan_atomics+0x1dc/0x310 [ 14.027710] ? __pfx_kasan_atomics+0x10/0x10 [ 14.027742] ? __pfx_read_tsc+0x10/0x10 [ 14.027764] ? ktime_get_ts64+0x86/0x230 [ 14.027790] kunit_try_run_case+0x1a5/0x480 [ 14.027816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.027864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.027891] ? __kthread_parkme+0x82/0x180 [ 14.027926] ? 
preempt_count_sub+0x50/0x80 [ 14.027953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.028001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.028026] kthread+0x337/0x6f0 [ 14.028043] ? trace_preempt_on+0x20/0xc0 [ 14.028067] ? __pfx_kthread+0x10/0x10 [ 14.028086] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.028109] ? calculate_sigpending+0x7b/0xa0 [ 14.028131] ? __pfx_kthread+0x10/0x10 [ 14.028151] ret_from_fork+0x41/0x80 [ 14.028172] ? __pfx_kthread+0x10/0x10 [ 14.028191] ret_from_fork_asm+0x1a/0x30 [ 14.028223] </TASK> [ 14.028235] [ 14.035225] Allocated by task 284: [ 14.035360] kasan_save_stack+0x45/0x70 [ 14.035600] kasan_save_track+0x18/0x40 [ 14.035792] kasan_save_alloc_info+0x3b/0x50 [ 14.036030] __kasan_kmalloc+0xb7/0xc0 [ 14.036222] __kmalloc_cache_noprof+0x189/0x420 [ 14.036457] kasan_atomics+0x95/0x310 [ 14.036633] kunit_try_run_case+0x1a5/0x480 [ 14.036836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.037061] kthread+0x337/0x6f0 [ 14.037207] ret_from_fork+0x41/0x80 [ 14.037383] ret_from_fork_asm+0x1a/0x30 [ 14.037538] [ 14.037633] The buggy address belongs to the object at ffff888102a0bf80 [ 14.037633] which belongs to the cache kmalloc-64 of size 64 [ 14.038122] The buggy address is located 0 bytes to the right of [ 14.038122] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.038506] [ 14.038601] The buggy address belongs to the physical page: [ 14.038853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.039217] flags: 0x200000000000000(node=0|zone=2) [ 14.039528] page_type: f5(slab) [ 14.039688] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.040079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.040372] page dumped because: kasan: bad access detected [ 14.040564] [ 14.040634] Memory state around the buggy address: [ 14.040791] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.041306] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.041635] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.041905] ^ [ 14.042152] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.042414] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.042749] ================================================================== [ 14.449628] ================================================================== [ 14.450116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.450364] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.450862] [ 14.451022] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.451084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.451097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.451121] Call Trace: [ 14.451142] <TASK> [ 14.451163] dump_stack_lvl+0x73/0xb0 [ 14.451189] print_report+0xd1/0x650 [ 14.451213] ? __virt_addr_valid+0x1db/0x2d0 [ 14.451237] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.451259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.451283] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.451306] kasan_report+0x141/0x180 [ 14.451330] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.451357] kasan_check_range+0x10c/0x1c0 [ 14.451379] __kasan_check_write+0x18/0x20 [ 14.451399] kasan_atomics_helper+0x1eaa/0x5450 [ 14.451423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.451449] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.451472] ? kasan_atomics+0x152/0x310 [ 14.451497] kasan_atomics+0x1dc/0x310 [ 14.451517] ? __pfx_kasan_atomics+0x10/0x10 [ 14.451539] ? __pfx_read_tsc+0x10/0x10 [ 14.451560] ? ktime_get_ts64+0x86/0x230 [ 14.451587] kunit_try_run_case+0x1a5/0x480 [ 14.451613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451636] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.451662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451718] ? 
__kthread_parkme+0x82/0x180 [ 14.451741] ? preempt_count_sub+0x50/0x80 [ 14.451767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.451851] kthread+0x337/0x6f0 [ 14.451868] ? trace_preempt_on+0x20/0xc0 [ 14.451895] ? __pfx_kthread+0x10/0x10 [ 14.451913] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.451945] ? calculate_sigpending+0x7b/0xa0 [ 14.451967] ? __pfx_kthread+0x10/0x10 [ 14.451987] ret_from_fork+0x41/0x80 [ 14.452007] ? __pfx_kthread+0x10/0x10 [ 14.452026] ret_from_fork_asm+0x1a/0x30 [ 14.452057] </TASK> [ 14.452069] [ 14.460480] Allocated by task 284: [ 14.460622] kasan_save_stack+0x45/0x70 [ 14.460771] kasan_save_track+0x18/0x40 [ 14.460903] kasan_save_alloc_info+0x3b/0x50 [ 14.461117] __kasan_kmalloc+0xb7/0xc0 [ 14.461306] __kmalloc_cache_noprof+0x189/0x420 [ 14.461583] kasan_atomics+0x95/0x310 [ 14.461842] kunit_try_run_case+0x1a5/0x480 [ 14.462162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.462509] kthread+0x337/0x6f0 [ 14.462816] ret_from_fork+0x41/0x80 [ 14.463011] ret_from_fork_asm+0x1a/0x30 [ 14.463228] [ 14.463350] The buggy address belongs to the object at ffff888102a0bf80 [ 14.463350] which belongs to the cache kmalloc-64 of size 64 [ 14.463928] The buggy address is located 0 bytes to the right of [ 14.463928] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.464405] [ 14.464508] The buggy address belongs to the physical page: [ 14.464895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.465147] flags: 0x200000000000000(node=0|zone=2) [ 14.465308] page_type: f5(slab) [ 14.465431] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.466050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.466410] page dumped because: kasan: bad access detected [ 14.466891] [ 14.467036] Memory state around the buggy address: [ 14.467278] 
ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.467620] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.467877] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.468238] ^ [ 14.468482] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.468828] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.469155] ================================================================== [ 14.551972] ================================================================== [ 14.552327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.552739] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.553122] [ 14.553279] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.553340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.553354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.553379] Call Trace: [ 14.553401] <TASK> [ 14.553421] dump_stack_lvl+0x73/0xb0 [ 14.553449] print_report+0xd1/0x650 [ 14.553473] ? __virt_addr_valid+0x1db/0x2d0 [ 14.553497] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.553519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.553543] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.553566] kasan_report+0x141/0x180 [ 14.553601] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.553628] kasan_check_range+0x10c/0x1c0 [ 14.553649] __kasan_check_write+0x18/0x20 [ 14.553670] kasan_atomics_helper+0x20c8/0x5450 [ 14.553693] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.553717] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.553770] ? kasan_atomics+0x152/0x310 [ 14.553795] kasan_atomics+0x1dc/0x310 [ 14.553815] ? __pfx_kasan_atomics+0x10/0x10 [ 14.553848] ? __pfx_read_tsc+0x10/0x10 [ 14.553868] ? ktime_get_ts64+0x86/0x230 [ 14.553895] kunit_try_run_case+0x1a5/0x480 [ 14.553957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.553980] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.554016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.554041] ? __kthread_parkme+0x82/0x180 [ 14.554089] ? preempt_count_sub+0x50/0x80 [ 14.554116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.554141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.554175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.554199] kthread+0x337/0x6f0 [ 14.554241] ? trace_preempt_on+0x20/0xc0 [ 14.554267] ? __pfx_kthread+0x10/0x10 [ 14.554285] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.554318] ? calculate_sigpending+0x7b/0xa0 [ 14.554341] ? __pfx_kthread+0x10/0x10 [ 14.554385] ret_from_fork+0x41/0x80 [ 14.554407] ? __pfx_kthread+0x10/0x10 [ 14.554453] ret_from_fork_asm+0x1a/0x30 [ 14.554515] </TASK> [ 14.554541] [ 14.562790] Allocated by task 284: [ 14.562947] kasan_save_stack+0x45/0x70 [ 14.563144] kasan_save_track+0x18/0x40 [ 14.563385] kasan_save_alloc_info+0x3b/0x50 [ 14.563621] __kasan_kmalloc+0xb7/0xc0 [ 14.563857] __kmalloc_cache_noprof+0x189/0x420 [ 14.564109] kasan_atomics+0x95/0x310 [ 14.564316] kunit_try_run_case+0x1a5/0x480 [ 14.564556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.564845] kthread+0x337/0x6f0 [ 14.565035] ret_from_fork+0x41/0x80 [ 14.565228] ret_from_fork_asm+0x1a/0x30 [ 14.565456] [ 14.565576] The buggy address belongs to the object at ffff888102a0bf80 [ 14.565576] which belongs to the cache kmalloc-64 of size 64 [ 14.566063] The buggy address is located 0 bytes to the right of [ 14.566063] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.566649] [ 14.566748] The buggy address belongs to the physical page: [ 14.566939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.567338] flags: 0x200000000000000(node=0|zone=2) [ 14.567618] page_type: f5(slab) [ 14.567821] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.568195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.568496] page dumped because: kasan: bad 
access detected [ 14.568889] [ 14.569007] Memory state around the buggy address: [ 14.569200] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.569595] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.569842] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.570123] ^ [ 14.570277] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.570486] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.571045] ================================================================== [ 14.043342] ================================================================== [ 14.044044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.044376] Write of size 8 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 14.044618] [ 14.044709] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 14.044756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.044772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.044795] Call Trace: [ 14.044817] <TASK> [ 14.044837] dump_stack_lvl+0x73/0xb0 [ 14.044862] print_report+0xd1/0x650 [ 14.044887] ? __virt_addr_valid+0x1db/0x2d0 [ 14.044910] ? kasan_atomics_helper+0x1467/0x5450 [ 14.045343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.045368] ? kasan_atomics_helper+0x1467/0x5450 [ 14.045392] kasan_report+0x141/0x180 [ 14.045418] ? kasan_atomics_helper+0x1467/0x5450 [ 14.045446] kasan_check_range+0x10c/0x1c0 [ 14.045468] __kasan_check_write+0x18/0x20 [ 14.045488] kasan_atomics_helper+0x1467/0x5450 [ 14.045512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.045535] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.045558] ? kasan_atomics+0x152/0x310 [ 14.045582] kasan_atomics+0x1dc/0x310 [ 14.045602] ? __pfx_kasan_atomics+0x10/0x10 [ 14.045624] ? __pfx_read_tsc+0x10/0x10 [ 14.045645] ? ktime_get_ts64+0x86/0x230 [ 14.045672] kunit_try_run_case+0x1a5/0x480 [ 14.045698] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.045721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.045746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.045770] ? __kthread_parkme+0x82/0x180 [ 14.045793] ? preempt_count_sub+0x50/0x80 [ 14.045819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.045843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.045867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.045891] kthread+0x337/0x6f0 [ 14.045908] ? trace_preempt_on+0x20/0xc0 [ 14.046097] ? __pfx_kthread+0x10/0x10 [ 14.046116] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.046138] ? calculate_sigpending+0x7b/0xa0 [ 14.046161] ? __pfx_kthread+0x10/0x10 [ 14.046181] ret_from_fork+0x41/0x80 [ 14.046202] ? __pfx_kthread+0x10/0x10 [ 14.046221] ret_from_fork_asm+0x1a/0x30 [ 14.046253] </TASK> [ 14.046266] [ 14.053870] Allocated by task 284: [ 14.054173] kasan_save_stack+0x45/0x70 [ 14.054350] kasan_save_track+0x18/0x40 [ 14.054489] kasan_save_alloc_info+0x3b/0x50 [ 14.054827] __kasan_kmalloc+0xb7/0xc0 [ 14.055024] __kmalloc_cache_noprof+0x189/0x420 [ 14.055178] kasan_atomics+0x95/0x310 [ 14.055309] kunit_try_run_case+0x1a5/0x480 [ 14.055478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.055737] kthread+0x337/0x6f0 [ 14.055981] ret_from_fork+0x41/0x80 [ 14.056277] ret_from_fork_asm+0x1a/0x30 [ 14.056580] [ 14.056668] The buggy address belongs to the object at ffff888102a0bf80 [ 14.056668] which belongs to the cache kmalloc-64 of size 64 [ 14.057125] The buggy address is located 0 bytes to the right of [ 14.057125] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 14.057491] [ 14.057564] The buggy address belongs to the physical page: [ 14.057739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 14.058105] flags: 0x200000000000000(node=0|zone=2) [ 14.058345] page_type: f5(slab) [ 14.058520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.058861] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.059342] page dumped because: kasan: bad access detected [ 14.059545] [ 14.059614] Memory state around the buggy address: [ 14.059771] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.060148] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.060472] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.060904] ^ [ 14.061178] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.061405] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 14.061652] ================================================================== [ 13.493982] ================================================================== [ 13.494346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.495173] Write of size 4 at addr ffff888102a0bfb0 by task kunit_try_catch/284 [ 13.495495] [ 13.495596] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.495640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.495653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.495676] Call Trace: [ 13.495693] <TASK> [ 13.495711] dump_stack_lvl+0x73/0xb0 [ 13.495737] print_report+0xd1/0x650 [ 13.495760] ? __virt_addr_valid+0x1db/0x2d0 [ 13.495783] ? kasan_atomics_helper+0x697/0x5450 [ 13.495804] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.495828] ? kasan_atomics_helper+0x697/0x5450 [ 13.495850] kasan_report+0x141/0x180 [ 13.495873] ? kasan_atomics_helper+0x697/0x5450 [ 13.495900] kasan_check_range+0x10c/0x1c0 [ 13.495934] __kasan_check_write+0x18/0x20 [ 13.495955] kasan_atomics_helper+0x697/0x5450 [ 13.495979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.496002] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.496024] ? kasan_atomics+0x152/0x310 [ 13.496048] kasan_atomics+0x1dc/0x310 [ 13.496068] ? __pfx_kasan_atomics+0x10/0x10 [ 13.496089] ? __pfx_read_tsc+0x10/0x10 [ 13.496109] ? 
ktime_get_ts64+0x86/0x230 [ 13.496136] kunit_try_run_case+0x1a5/0x480 [ 13.496161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.496184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.496209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.496235] ? __kthread_parkme+0x82/0x180 [ 13.496264] ? preempt_count_sub+0x50/0x80 [ 13.496290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.496314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.496338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.496361] kthread+0x337/0x6f0 [ 13.496379] ? trace_preempt_on+0x20/0xc0 [ 13.496403] ? __pfx_kthread+0x10/0x10 [ 13.496422] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.496444] ? calculate_sigpending+0x7b/0xa0 [ 13.496467] ? __pfx_kthread+0x10/0x10 [ 13.496486] ret_from_fork+0x41/0x80 [ 13.496507] ? __pfx_kthread+0x10/0x10 [ 13.496526] ret_from_fork_asm+0x1a/0x30 [ 13.496558] </TASK> [ 13.496568] [ 13.503793] Allocated by task 284: [ 13.503942] kasan_save_stack+0x45/0x70 [ 13.504146] kasan_save_track+0x18/0x40 [ 13.504328] kasan_save_alloc_info+0x3b/0x50 [ 13.504505] __kasan_kmalloc+0xb7/0xc0 [ 13.504757] __kmalloc_cache_noprof+0x189/0x420 [ 13.504974] kasan_atomics+0x95/0x310 [ 13.505110] kunit_try_run_case+0x1a5/0x480 [ 13.505258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.505432] kthread+0x337/0x6f0 [ 13.505551] ret_from_fork+0x41/0x80 [ 13.505734] ret_from_fork_asm+0x1a/0x30 [ 13.505938] [ 13.506033] The buggy address belongs to the object at ffff888102a0bf80 [ 13.506033] which belongs to the cache kmalloc-64 of size 64 [ 13.506824] The buggy address is located 0 bytes to the right of [ 13.506824] allocated 48-byte region [ffff888102a0bf80, ffff888102a0bfb0) [ 13.507229] [ 13.507302] The buggy address belongs to the physical page: [ 13.507769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b [ 13.508140] flags: 0x200000000000000(node=0|zone=2) [ 13.508358] page_type: f5(slab) [ 13.508510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.508949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.509180] page dumped because: kasan: bad access detected [ 13.509436] [ 13.509530] Memory state around the buggy address: [ 13.509949] ffff888102a0be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.510220] ffff888102a0bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.510511] >ffff888102a0bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.510778] ^ [ 13.510944] ffff888102a0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.511264] ffff888102a0c080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 13.511612] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.208807] ================================================================== [ 13.209175] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.209548] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.209951] [ 13.210066] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.210111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.210123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.210144] Call Trace: [ 13.210162] <TASK> [ 13.210180] dump_stack_lvl+0x73/0xb0 [ 13.210205] print_report+0xd1/0x650 [ 13.210227] ? __virt_addr_valid+0x1db/0x2d0 [ 13.210250] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.210295] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210318] kasan_report+0x141/0x180 [ 13.210342] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210369] kasan_check_range+0x10c/0x1c0 [ 13.210389] __kasan_check_write+0x18/0x20 [ 13.210409] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210432] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.210456] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.210477] ? trace_hardirqs_on+0x37/0xe0 [ 13.210500] ? kasan_bitops_generic+0x92/0x1c0 [ 13.210524] kasan_bitops_generic+0x121/0x1c0 [ 13.210544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.210582] ? __pfx_read_tsc+0x10/0x10 [ 13.210603] ? ktime_get_ts64+0x86/0x230 [ 13.210629] kunit_try_run_case+0x1a5/0x480 [ 13.210654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.210701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.210725] ? __kthread_parkme+0x82/0x180 [ 13.210747] ? preempt_count_sub+0x50/0x80 [ 13.210773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.210819] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.210842] kthread+0x337/0x6f0 [ 13.210859] ? trace_preempt_on+0x20/0xc0 [ 13.210881] ? __pfx_kthread+0x10/0x10 [ 13.210899] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.210931] ? calculate_sigpending+0x7b/0xa0 [ 13.210953] ? __pfx_kthread+0x10/0x10 [ 13.210972] ret_from_fork+0x41/0x80 [ 13.210992] ? __pfx_kthread+0x10/0x10 [ 13.211010] ret_from_fork_asm+0x1a/0x30 [ 13.211041] </TASK> [ 13.211052] [ 13.219643] Allocated by task 280: [ 13.219972] kasan_save_stack+0x45/0x70 [ 13.220494] kasan_save_track+0x18/0x40 [ 13.220849] kasan_save_alloc_info+0x3b/0x50 [ 13.221057] __kasan_kmalloc+0xb7/0xc0 [ 13.221230] __kmalloc_cache_noprof+0x189/0x420 [ 13.221416] kasan_bitops_generic+0x92/0x1c0 [ 13.221662] kunit_try_run_case+0x1a5/0x480 [ 13.222000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.222179] kthread+0x337/0x6f0 [ 13.222298] ret_from_fork+0x41/0x80 [ 13.222428] ret_from_fork_asm+0x1a/0x30 [ 13.222623] [ 13.222718] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.222718] which belongs to the cache kmalloc-16 of size 16 [ 13.223207] The buggy address is located 8 bytes inside of [ 13.223207] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.223557] [ 13.223628] The buggy address belongs to the physical page: [ 13.224172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.224543] flags: 0x200000000000000(node=0|zone=2) [ 13.224880] page_type: f5(slab) [ 13.225070] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.225376] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.225807] page dumped because: kasan: bad access detected [ 13.226061] [ 13.226146] Memory state around the buggy address: [ 13.226345] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.226660] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.227235] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.227484] ^ [ 13.227933] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.228222] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.228511] ================================================================== [ 13.147335] ================================================================== [ 13.147579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.147994] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.148332] [ 13.148577] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.148625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.148636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.148658] Call Trace: [ 13.148678] <TASK> [ 13.148696] dump_stack_lvl+0x73/0xb0 [ 13.148752] print_report+0xd1/0x650 [ 13.148776] ? __virt_addr_valid+0x1db/0x2d0 [ 13.148800] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.148846] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148870] kasan_report+0x141/0x180 [ 13.148892] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148931] kasan_check_range+0x10c/0x1c0 [ 13.148951] __kasan_check_write+0x18/0x20 [ 13.148971] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148995] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.149019] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.149041] ? trace_hardirqs_on+0x37/0xe0 [ 13.149063] ? kasan_bitops_generic+0x92/0x1c0 [ 13.149087] kasan_bitops_generic+0x121/0x1c0 [ 13.149106] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.149127] ? __pfx_read_tsc+0x10/0x10 [ 13.149149] ? ktime_get_ts64+0x86/0x230 [ 13.149175] kunit_try_run_case+0x1a5/0x480 [ 13.149199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.149221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.149245] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.149268] ? __kthread_parkme+0x82/0x180 [ 13.149290] ? preempt_count_sub+0x50/0x80 [ 13.149316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.149340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.149363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.149386] kthread+0x337/0x6f0 [ 13.149404] ? trace_preempt_on+0x20/0xc0 [ 13.149426] ? __pfx_kthread+0x10/0x10 [ 13.149444] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.149465] ? calculate_sigpending+0x7b/0xa0 [ 13.149487] ? __pfx_kthread+0x10/0x10 [ 13.149505] ret_from_fork+0x41/0x80 [ 13.149526] ? __pfx_kthread+0x10/0x10 [ 13.149544] ret_from_fork_asm+0x1a/0x30 [ 13.149591] </TASK> [ 13.149602] [ 13.158511] Allocated by task 280: [ 13.158840] kasan_save_stack+0x45/0x70 [ 13.159011] kasan_save_track+0x18/0x40 [ 13.159204] kasan_save_alloc_info+0x3b/0x50 [ 13.159411] __kasan_kmalloc+0xb7/0xc0 [ 13.159597] __kmalloc_cache_noprof+0x189/0x420 [ 13.160202] kasan_bitops_generic+0x92/0x1c0 [ 13.160370] kunit_try_run_case+0x1a5/0x480 [ 13.160600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.160991] kthread+0x337/0x6f0 [ 13.161160] ret_from_fork+0x41/0x80 [ 13.161328] ret_from_fork_asm+0x1a/0x30 [ 13.161517] [ 13.161595] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.161595] which belongs to the cache kmalloc-16 of size 16 [ 13.162072] The buggy address is located 8 bytes inside of [ 13.162072] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.162421] [ 13.162642] The buggy address belongs to the physical page: [ 13.163152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.163485] flags: 0x200000000000000(node=0|zone=2) [ 13.163705] page_type: f5(slab) [ 13.163850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.164237] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.164474] page dumped because: kasan: bad access detected [ 13.164643] [ 13.164711] Memory 
state around the buggy address: [ 13.164876] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.165204] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.165516] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.165997] ^ [ 13.166234] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.166445] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.166654] ================================================================== [ 13.167050] ================================================================== [ 13.167655] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168084] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.168465] [ 13.168581] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.168628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.168640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.168661] Call Trace: [ 13.168679] <TASK> [ 13.168697] dump_stack_lvl+0x73/0xb0 [ 13.168722] print_report+0xd1/0x650 [ 13.168744] ? __virt_addr_valid+0x1db/0x2d0 [ 13.168766] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.168812] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168836] kasan_report+0x141/0x180 [ 13.168858] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168886] kasan_check_range+0x10c/0x1c0 [ 13.168954] __kasan_check_write+0x18/0x20 [ 13.168974] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168999] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.169023] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.169045] ? trace_hardirqs_on+0x37/0xe0 [ 13.169067] ? kasan_bitops_generic+0x92/0x1c0 [ 13.169091] kasan_bitops_generic+0x121/0x1c0 [ 13.169112] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.169134] ? 
__pfx_read_tsc+0x10/0x10 [ 13.169154] ? ktime_get_ts64+0x86/0x230 [ 13.169179] kunit_try_run_case+0x1a5/0x480 [ 13.169205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.169251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.169274] ? __kthread_parkme+0x82/0x180 [ 13.169296] ? preempt_count_sub+0x50/0x80 [ 13.169322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.169369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.169393] kthread+0x337/0x6f0 [ 13.169410] ? trace_preempt_on+0x20/0xc0 [ 13.169432] ? __pfx_kthread+0x10/0x10 [ 13.169450] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.169471] ? calculate_sigpending+0x7b/0xa0 [ 13.169492] ? __pfx_kthread+0x10/0x10 [ 13.169511] ret_from_fork+0x41/0x80 [ 13.169531] ? __pfx_kthread+0x10/0x10 [ 13.169549] ret_from_fork_asm+0x1a/0x30 [ 13.169590] </TASK> [ 13.169600] [ 13.179116] Allocated by task 280: [ 13.179326] kasan_save_stack+0x45/0x70 [ 13.179512] kasan_save_track+0x18/0x40 [ 13.179715] kasan_save_alloc_info+0x3b/0x50 [ 13.179907] __kasan_kmalloc+0xb7/0xc0 [ 13.180051] __kmalloc_cache_noprof+0x189/0x420 [ 13.180202] kasan_bitops_generic+0x92/0x1c0 [ 13.180354] kunit_try_run_case+0x1a5/0x480 [ 13.180512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.181068] kthread+0x337/0x6f0 [ 13.181244] ret_from_fork+0x41/0x80 [ 13.181431] ret_from_fork_asm+0x1a/0x30 [ 13.181632] [ 13.181726] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.181726] which belongs to the cache kmalloc-16 of size 16 [ 13.182437] The buggy address is located 8 bytes inside of [ 13.182437] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.183181] [ 13.183257] The buggy address belongs to the physical page: [ 13.183432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.183795] flags: 0x200000000000000(node=0|zone=2) [ 13.184050] page_type: f5(slab) [ 13.184435] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.185017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.185278] page dumped because: kasan: bad access detected [ 13.185459] [ 13.185552] Memory state around the buggy address: [ 13.185775] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.186159] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.186408] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.187052] ^ [ 13.187263] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.187580] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.188027] ================================================================== [ 13.107287] ================================================================== [ 13.107835] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108229] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.108481] [ 13.108569] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.108614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.108626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.108647] Call Trace: [ 13.108665] <TASK> [ 13.108682] dump_stack_lvl+0x73/0xb0 [ 13.108706] print_report+0xd1/0x650 [ 13.108729] ? __virt_addr_valid+0x1db/0x2d0 [ 13.108751] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.108797] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108821] kasan_report+0x141/0x180 [ 13.108844] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108872] kasan_check_range+0x10c/0x1c0 [ 13.108893] __kasan_check_write+0x18/0x20 [ 13.108912] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108947] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.108972] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.108993] ? trace_hardirqs_on+0x37/0xe0 [ 13.109016] ? kasan_bitops_generic+0x92/0x1c0 [ 13.109040] kasan_bitops_generic+0x121/0x1c0 [ 13.109061] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.109082] ? __pfx_read_tsc+0x10/0x10 [ 13.109102] ? ktime_get_ts64+0x86/0x230 [ 13.109127] kunit_try_run_case+0x1a5/0x480 [ 13.109152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.109198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.109221] ? __kthread_parkme+0x82/0x180 [ 13.109243] ? preempt_count_sub+0x50/0x80 [ 13.109268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.109315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.109338] kthread+0x337/0x6f0 [ 13.109355] ? trace_preempt_on+0x20/0xc0 [ 13.109377] ? __pfx_kthread+0x10/0x10 [ 13.109395] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.109417] ? calculate_sigpending+0x7b/0xa0 [ 13.109439] ? __pfx_kthread+0x10/0x10 [ 13.109457] ret_from_fork+0x41/0x80 [ 13.109477] ? 
__pfx_kthread+0x10/0x10 [ 13.109495] ret_from_fork_asm+0x1a/0x30 [ 13.109527] </TASK> [ 13.109537] [ 13.118641] Allocated by task 280: [ 13.118979] kasan_save_stack+0x45/0x70 [ 13.119198] kasan_save_track+0x18/0x40 [ 13.119380] kasan_save_alloc_info+0x3b/0x50 [ 13.119610] __kasan_kmalloc+0xb7/0xc0 [ 13.119851] __kmalloc_cache_noprof+0x189/0x420 [ 13.120057] kasan_bitops_generic+0x92/0x1c0 [ 13.120263] kunit_try_run_case+0x1a5/0x480 [ 13.120425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120818] kthread+0x337/0x6f0 [ 13.120959] ret_from_fork+0x41/0x80 [ 13.121091] ret_from_fork_asm+0x1a/0x30 [ 13.121231] [ 13.121302] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.121302] which belongs to the cache kmalloc-16 of size 16 [ 13.121787] The buggy address is located 8 bytes inside of [ 13.121787] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.122262] [ 13.122344] The buggy address belongs to the physical page: [ 13.123055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.123363] flags: 0x200000000000000(node=0|zone=2) [ 13.123560] page_type: f5(slab) [ 13.123743] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.124045] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.124338] page dumped because: kasan: bad access detected [ 13.124509] [ 13.124577] Memory state around the buggy address: [ 13.124735] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.125169] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.125537] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.125892] ^ [ 13.126173] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.126435] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.126712] ================================================================== [ 13.127171] 
================================================================== [ 13.127517] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.128379] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.128934] [ 13.129051] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.129099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.129111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.129133] Call Trace: [ 13.129151] <TASK> [ 13.129169] dump_stack_lvl+0x73/0xb0 [ 13.129194] print_report+0xd1/0x650 [ 13.129217] ? __virt_addr_valid+0x1db/0x2d0 [ 13.129238] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.129284] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129309] kasan_report+0x141/0x180 [ 13.129331] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129359] kasan_check_range+0x10c/0x1c0 [ 13.129380] __kasan_check_write+0x18/0x20 [ 13.129399] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129423] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.129448] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.129469] ? trace_hardirqs_on+0x37/0xe0 [ 13.129491] ? kasan_bitops_generic+0x92/0x1c0 [ 13.129516] kasan_bitops_generic+0x121/0x1c0 [ 13.129537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.129558] ? __pfx_read_tsc+0x10/0x10 [ 13.129578] ? ktime_get_ts64+0x86/0x230 [ 13.129603] kunit_try_run_case+0x1a5/0x480 [ 13.129628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.129650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.129675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.129698] ? __kthread_parkme+0x82/0x180 [ 13.129720] ? preempt_count_sub+0x50/0x80 [ 13.129746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.129769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.129792] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.129815] kthread+0x337/0x6f0 [ 13.129832] ? trace_preempt_on+0x20/0xc0 [ 13.129854] ? __pfx_kthread+0x10/0x10 [ 13.129872] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.129893] ? calculate_sigpending+0x7b/0xa0 [ 13.129927] ? __pfx_kthread+0x10/0x10 [ 13.129946] ret_from_fork+0x41/0x80 [ 13.129966] ? __pfx_kthread+0x10/0x10 [ 13.129984] ret_from_fork_asm+0x1a/0x30 [ 13.130015] </TASK> [ 13.130025] [ 13.138383] Allocated by task 280: [ 13.138531] kasan_save_stack+0x45/0x70 [ 13.138688] kasan_save_track+0x18/0x40 [ 13.138823] kasan_save_alloc_info+0x3b/0x50 [ 13.138978] __kasan_kmalloc+0xb7/0xc0 [ 13.139121] __kmalloc_cache_noprof+0x189/0x420 [ 13.139338] kasan_bitops_generic+0x92/0x1c0 [ 13.139543] kunit_try_run_case+0x1a5/0x480 [ 13.139932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.140189] kthread+0x337/0x6f0 [ 13.140360] ret_from_fork+0x41/0x80 [ 13.140543] ret_from_fork_asm+0x1a/0x30 [ 13.140766] [ 13.140860] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.140860] which belongs to the cache kmalloc-16 of size 16 [ 13.141237] The buggy address is located 8 bytes inside of [ 13.141237] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.141905] [ 13.142032] The buggy address belongs to the physical page: [ 13.142293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.142782] flags: 0x200000000000000(node=0|zone=2) [ 13.143046] page_type: f5(slab) [ 13.143221] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.143569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.143936] page dumped because: kasan: bad access detected [ 13.144172] [ 13.144252] Memory state around the buggy address: [ 13.144437] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.144851] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.145368] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.145594] ^ [ 13.146239] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.146540] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.146900] ================================================================== [ 13.229028] ================================================================== [ 13.229369] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.229814] Read of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.230059] [ 13.230172] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.230219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.230231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.230252] Call Trace: [ 13.230271] <TASK> [ 13.230291] dump_stack_lvl+0x73/0xb0 [ 13.230315] print_report+0xd1/0x650 [ 13.230339] ? __virt_addr_valid+0x1db/0x2d0 [ 13.230361] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.230406] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230429] kasan_report+0x141/0x180 [ 13.230452] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230481] kasan_check_range+0x10c/0x1c0 [ 13.230501] __kasan_check_read+0x15/0x20 [ 13.230521] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230545] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.230569] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.230590] ? trace_hardirqs_on+0x37/0xe0 [ 13.230612] ? kasan_bitops_generic+0x92/0x1c0 [ 13.230637] kasan_bitops_generic+0x121/0x1c0 [ 13.230738] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.230765] ? __pfx_read_tsc+0x10/0x10 [ 13.230786] ? ktime_get_ts64+0x86/0x230 [ 13.230812] kunit_try_run_case+0x1a5/0x480 [ 13.230837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.230860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.230884] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.230908] ? __kthread_parkme+0x82/0x180 [ 13.230943] ? preempt_count_sub+0x50/0x80 [ 13.230969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.230993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.231016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.231039] kthread+0x337/0x6f0 [ 13.231055] ? trace_preempt_on+0x20/0xc0 [ 13.231078] ? __pfx_kthread+0x10/0x10 [ 13.231096] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.231118] ? calculate_sigpending+0x7b/0xa0 [ 13.231140] ? __pfx_kthread+0x10/0x10 [ 13.231158] ret_from_fork+0x41/0x80 [ 13.231179] ? __pfx_kthread+0x10/0x10 [ 13.231197] ret_from_fork_asm+0x1a/0x30 [ 13.231229] </TASK> [ 13.231240] [ 13.239552] Allocated by task 280: [ 13.239694] kasan_save_stack+0x45/0x70 [ 13.239843] kasan_save_track+0x18/0x40 [ 13.240092] kasan_save_alloc_info+0x3b/0x50 [ 13.240318] __kasan_kmalloc+0xb7/0xc0 [ 13.240505] __kmalloc_cache_noprof+0x189/0x420 [ 13.240810] kasan_bitops_generic+0x92/0x1c0 [ 13.241038] kunit_try_run_case+0x1a5/0x480 [ 13.241252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.241486] kthread+0x337/0x6f0 [ 13.241647] ret_from_fork+0x41/0x80 [ 13.241840] ret_from_fork_asm+0x1a/0x30 [ 13.242053] [ 13.242149] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.242149] which belongs to the cache kmalloc-16 of size 16 [ 13.242690] The buggy address is located 8 bytes inside of [ 13.242690] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.243108] [ 13.243205] The buggy address belongs to the physical page: [ 13.243450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.244091] flags: 0x200000000000000(node=0|zone=2) [ 13.244333] page_type: f5(slab) [ 13.244506] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.244936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.245216] page dumped because: kasan: bad access detected [ 13.245386] [ 13.245455] Memory 
state around the buggy address: [ 13.245698] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.246088] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.246414] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.246783] ^ [ 13.247068] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.247384] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.247647] ================================================================== [ 13.188521] ================================================================== [ 13.189280] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.189872] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.190198] [ 13.190292] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.190339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.190350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.190371] Call Trace: [ 13.190390] <TASK> [ 13.190408] dump_stack_lvl+0x73/0xb0 [ 13.190435] print_report+0xd1/0x650 [ 13.190457] ? __virt_addr_valid+0x1db/0x2d0 [ 13.190480] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.190528] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190551] kasan_report+0x141/0x180 [ 13.190574] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190602] kasan_check_range+0x10c/0x1c0 [ 13.190623] __kasan_check_write+0x18/0x20 [ 13.190642] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190666] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.190690] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.190711] ? trace_hardirqs_on+0x37/0xe0 [ 13.190774] ? kasan_bitops_generic+0x92/0x1c0 [ 13.190802] kasan_bitops_generic+0x121/0x1c0 [ 13.190821] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.190843] ? 
__pfx_read_tsc+0x10/0x10 [ 13.190863] ? ktime_get_ts64+0x86/0x230 [ 13.190889] kunit_try_run_case+0x1a5/0x480 [ 13.190928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190951] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.190976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.190999] ? __kthread_parkme+0x82/0x180 [ 13.191021] ? preempt_count_sub+0x50/0x80 [ 13.191047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.191070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.191093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.191117] kthread+0x337/0x6f0 [ 13.191133] ? trace_preempt_on+0x20/0xc0 [ 13.191157] ? __pfx_kthread+0x10/0x10 [ 13.191175] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.191197] ? calculate_sigpending+0x7b/0xa0 [ 13.191218] ? __pfx_kthread+0x10/0x10 [ 13.191237] ret_from_fork+0x41/0x80 [ 13.191258] ? __pfx_kthread+0x10/0x10 [ 13.191276] ret_from_fork_asm+0x1a/0x30 [ 13.191309] </TASK> [ 13.191319] [ 13.200236] Allocated by task 280: [ 13.200432] kasan_save_stack+0x45/0x70 [ 13.200672] kasan_save_track+0x18/0x40 [ 13.200880] kasan_save_alloc_info+0x3b/0x50 [ 13.201087] __kasan_kmalloc+0xb7/0xc0 [ 13.201220] __kmalloc_cache_noprof+0x189/0x420 [ 13.201411] kasan_bitops_generic+0x92/0x1c0 [ 13.201662] kunit_try_run_case+0x1a5/0x480 [ 13.202021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.202204] kthread+0x337/0x6f0 [ 13.202322] ret_from_fork+0x41/0x80 [ 13.202452] ret_from_fork_asm+0x1a/0x30 [ 13.202656] [ 13.202751] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.202751] which belongs to the cache kmalloc-16 of size 16 [ 13.203299] The buggy address is located 8 bytes inside of [ 13.203299] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.203954] [ 13.204038] The buggy address belongs to the physical page: [ 13.204253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.204494] flags: 0x200000000000000(node=0|zone=2) [ 13.204711] page_type: f5(slab) [ 13.204884] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.205303] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.205672] page dumped because: kasan: bad access detected [ 13.206142] [ 13.206227] Memory state around the buggy address: [ 13.206418] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.206790] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.207125] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.207368] ^ [ 13.207671] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.207891] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.208222] ================================================================== [ 13.086622] ================================================================== [ 13.087002] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.087720] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.088128] [ 13.088238] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.088295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.088307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.088328] Call Trace: [ 13.088346] <TASK> [ 13.088364] dump_stack_lvl+0x73/0xb0 [ 13.088390] print_report+0xd1/0x650 [ 13.088413] ? __virt_addr_valid+0x1db/0x2d0 [ 13.088435] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088459] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.088482] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088506] kasan_report+0x141/0x180 [ 13.088529] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088557] kasan_check_range+0x10c/0x1c0 [ 13.088577] __kasan_check_write+0x18/0x20 [ 13.088597] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088621] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.088645] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.088667] ? trace_hardirqs_on+0x37/0xe0 [ 13.088688] ? kasan_bitops_generic+0x92/0x1c0 [ 13.088713] kasan_bitops_generic+0x121/0x1c0 [ 13.088733] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.088754] ? __pfx_read_tsc+0x10/0x10 [ 13.088774] ? ktime_get_ts64+0x86/0x230 [ 13.088841] kunit_try_run_case+0x1a5/0x480 [ 13.088868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.088914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.088949] ? __kthread_parkme+0x82/0x180 [ 13.088971] ? preempt_count_sub+0x50/0x80 [ 13.088997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.089021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.089043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.089066] kthread+0x337/0x6f0 [ 13.089083] ? trace_preempt_on+0x20/0xc0 [ 13.089105] ? __pfx_kthread+0x10/0x10 [ 13.089123] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.089144] ? calculate_sigpending+0x7b/0xa0 [ 13.089166] ? __pfx_kthread+0x10/0x10 [ 13.089184] ret_from_fork+0x41/0x80 [ 13.089204] ? 
__pfx_kthread+0x10/0x10 [ 13.089223] ret_from_fork_asm+0x1a/0x30 [ 13.089254] </TASK> [ 13.089265] [ 13.098100] Allocated by task 280: [ 13.098294] kasan_save_stack+0x45/0x70 [ 13.098471] kasan_save_track+0x18/0x40 [ 13.098669] kasan_save_alloc_info+0x3b/0x50 [ 13.098935] __kasan_kmalloc+0xb7/0xc0 [ 13.099174] __kmalloc_cache_noprof+0x189/0x420 [ 13.099357] kasan_bitops_generic+0x92/0x1c0 [ 13.099561] kunit_try_run_case+0x1a5/0x480 [ 13.099815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.100039] kthread+0x337/0x6f0 [ 13.100212] ret_from_fork+0x41/0x80 [ 13.100365] ret_from_fork_asm+0x1a/0x30 [ 13.100506] [ 13.100576] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.100576] which belongs to the cache kmalloc-16 of size 16 [ 13.101324] The buggy address is located 8 bytes inside of [ 13.101324] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.101972] [ 13.102072] The buggy address belongs to the physical page: [ 13.102328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.103063] flags: 0x200000000000000(node=0|zone=2) [ 13.103240] page_type: f5(slab) [ 13.103367] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.103887] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.104240] page dumped because: kasan: bad access detected [ 13.104497] [ 13.104580] Memory state around the buggy address: [ 13.104831] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.105140] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.105423] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.105639] ^ [ 13.106153] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.106413] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.106691] ================================================================== [ 13.248222] 
================================================================== [ 13.248537] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249263] Read of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.249566] [ 13.249671] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.249776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.249789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.249810] Call Trace: [ 13.249828] <TASK> [ 13.249844] dump_stack_lvl+0x73/0xb0 [ 13.249871] print_report+0xd1/0x650 [ 13.249895] ? __virt_addr_valid+0x1db/0x2d0 [ 13.249928] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.249975] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249999] kasan_report+0x141/0x180 [ 13.250021] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.250050] __asan_report_load8_noabort+0x18/0x20 [ 13.250071] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.250098] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.250122] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.250143] ? trace_hardirqs_on+0x37/0xe0 [ 13.250166] ? kasan_bitops_generic+0x92/0x1c0 [ 13.250191] kasan_bitops_generic+0x121/0x1c0 [ 13.250211] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.250232] ? __pfx_read_tsc+0x10/0x10 [ 13.250253] ? ktime_get_ts64+0x86/0x230 [ 13.250277] kunit_try_run_case+0x1a5/0x480 [ 13.250302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.250347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.250371] ? __kthread_parkme+0x82/0x180 [ 13.250393] ? preempt_count_sub+0x50/0x80 [ 13.250419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.250465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.250488] kthread+0x337/0x6f0 [ 13.250505] ? 
trace_preempt_on+0x20/0xc0 [ 13.250527] ? __pfx_kthread+0x10/0x10 [ 13.250545] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.250567] ? calculate_sigpending+0x7b/0xa0 [ 13.250608] ? __pfx_kthread+0x10/0x10 [ 13.250626] ret_from_fork+0x41/0x80 [ 13.250647] ? __pfx_kthread+0x10/0x10 [ 13.250665] ret_from_fork_asm+0x1a/0x30 [ 13.250697] </TASK> [ 13.250758] [ 13.258542] Allocated by task 280: [ 13.258814] kasan_save_stack+0x45/0x70 [ 13.259037] kasan_save_track+0x18/0x40 [ 13.259229] kasan_save_alloc_info+0x3b/0x50 [ 13.259432] __kasan_kmalloc+0xb7/0xc0 [ 13.259642] __kmalloc_cache_noprof+0x189/0x420 [ 13.259938] kasan_bitops_generic+0x92/0x1c0 [ 13.260151] kunit_try_run_case+0x1a5/0x480 [ 13.260360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.260532] kthread+0x337/0x6f0 [ 13.261167] ret_from_fork+0x41/0x80 [ 13.261368] ret_from_fork_asm+0x1a/0x30 [ 13.261521] [ 13.261594] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.261594] which belongs to the cache kmalloc-16 of size 16 [ 13.262154] The buggy address is located 8 bytes inside of [ 13.262154] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.262731] [ 13.262830] The buggy address belongs to the physical page: [ 13.263061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.263394] flags: 0x200000000000000(node=0|zone=2) [ 13.263608] page_type: f5(slab) [ 13.263759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.264076] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.264372] page dumped because: kasan: bad access detected [ 13.264573] [ 13.264666] Memory state around the buggy address: [ 13.264891] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.265240] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.265507] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.265804] ^ [ 13.266068] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 13.266381] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.266779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.024981] ================================================================== [ 13.025314] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.025646] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.026087] [ 13.026186] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.026235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.026248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.026270] Call Trace: [ 13.026289] <TASK> [ 13.026307] dump_stack_lvl+0x73/0xb0 [ 13.026332] print_report+0xd1/0x650 [ 13.026354] ? __virt_addr_valid+0x1db/0x2d0 [ 13.026379] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.026400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.026423] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.026445] kasan_report+0x141/0x180 [ 13.026469] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.026495] kasan_check_range+0x10c/0x1c0 [ 13.026515] __kasan_check_write+0x18/0x20 [ 13.026534] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.026556] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.026578] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.026599] ? trace_hardirqs_on+0x37/0xe0 [ 13.026621] ? kasan_bitops_generic+0x92/0x1c0 [ 13.026645] kasan_bitops_generic+0x116/0x1c0 [ 13.026665] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.026687] ? __pfx_read_tsc+0x10/0x10 [ 13.026707] ? ktime_get_ts64+0x86/0x230 [ 13.026732] kunit_try_run_case+0x1a5/0x480 [ 13.026757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.026778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.026802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.026826] ? __kthread_parkme+0x82/0x180 [ 13.026889] ? preempt_count_sub+0x50/0x80 [ 13.026926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.026950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.026973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.026996] kthread+0x337/0x6f0 [ 13.027014] ? 
trace_preempt_on+0x20/0xc0 [ 13.027036] ? __pfx_kthread+0x10/0x10 [ 13.027054] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.027075] ? calculate_sigpending+0x7b/0xa0 [ 13.027097] ? __pfx_kthread+0x10/0x10 [ 13.027115] ret_from_fork+0x41/0x80 [ 13.027136] ? __pfx_kthread+0x10/0x10 [ 13.027153] ret_from_fork_asm+0x1a/0x30 [ 13.027185] </TASK> [ 13.027195] [ 13.035601] Allocated by task 280: [ 13.036034] kasan_save_stack+0x45/0x70 [ 13.036251] kasan_save_track+0x18/0x40 [ 13.036488] kasan_save_alloc_info+0x3b/0x50 [ 13.036701] __kasan_kmalloc+0xb7/0xc0 [ 13.036867] __kmalloc_cache_noprof+0x189/0x420 [ 13.037038] kasan_bitops_generic+0x92/0x1c0 [ 13.037253] kunit_try_run_case+0x1a5/0x480 [ 13.037450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037814] kthread+0x337/0x6f0 [ 13.037952] ret_from_fork+0x41/0x80 [ 13.038083] ret_from_fork_asm+0x1a/0x30 [ 13.038222] [ 13.038294] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.038294] which belongs to the cache kmalloc-16 of size 16 [ 13.038776] The buggy address is located 8 bytes inside of [ 13.038776] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.039356] [ 13.039455] The buggy address belongs to the physical page: [ 13.039759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.040091] flags: 0x200000000000000(node=0|zone=2) [ 13.040272] page_type: f5(slab) [ 13.040401] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.040986] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.041329] page dumped because: kasan: bad access detected [ 13.041590] [ 13.041667] Memory state around the buggy address: [ 13.042240] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.042465] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.042679] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.043008] ^ [ 13.043412] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 13.043641] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.043853] ================================================================== [ 12.964591] ================================================================== [ 12.965076] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.965424] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 12.966058] [ 12.966185] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.966233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.966244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.966267] Call Trace: [ 12.966284] <TASK> [ 12.966302] dump_stack_lvl+0x73/0xb0 [ 12.966328] print_report+0xd1/0x650 [ 12.966350] ? __virt_addr_valid+0x1db/0x2d0 [ 12.966372] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.966395] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.966418] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.966440] kasan_report+0x141/0x180 [ 12.966462] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.966489] kasan_check_range+0x10c/0x1c0 [ 12.966510] __kasan_check_write+0x18/0x20 [ 12.966530] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.966554] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.966577] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.966598] ? trace_hardirqs_on+0x37/0xe0 [ 12.966621] ? kasan_bitops_generic+0x92/0x1c0 [ 12.966645] kasan_bitops_generic+0x116/0x1c0 [ 12.966665] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.966687] ? __pfx_read_tsc+0x10/0x10 [ 12.966707] ? ktime_get_ts64+0x86/0x230 [ 12.966734] kunit_try_run_case+0x1a5/0x480 [ 12.966759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.966781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.966805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.966828] ? __kthread_parkme+0x82/0x180 [ 12.966849] ? preempt_count_sub+0x50/0x80 [ 12.966874] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.966898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.966935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.966957] kthread+0x337/0x6f0 [ 12.966974] ? trace_preempt_on+0x20/0xc0 [ 12.966996] ? __pfx_kthread+0x10/0x10 [ 12.967062] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.967086] ? calculate_sigpending+0x7b/0xa0 [ 12.967108] ? __pfx_kthread+0x10/0x10 [ 12.967126] ret_from_fork+0x41/0x80 [ 12.967147] ? __pfx_kthread+0x10/0x10 [ 12.967164] ret_from_fork_asm+0x1a/0x30 [ 12.967196] </TASK> [ 12.967206] [ 12.974981] Allocated by task 280: [ 12.975164] kasan_save_stack+0x45/0x70 [ 12.975360] kasan_save_track+0x18/0x40 [ 12.975520] kasan_save_alloc_info+0x3b/0x50 [ 12.975735] __kasan_kmalloc+0xb7/0xc0 [ 12.975925] __kmalloc_cache_noprof+0x189/0x420 [ 12.976119] kasan_bitops_generic+0x92/0x1c0 [ 12.976322] kunit_try_run_case+0x1a5/0x480 [ 12.976505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.976813] kthread+0x337/0x6f0 [ 12.976985] ret_from_fork+0x41/0x80 [ 12.977137] ret_from_fork_asm+0x1a/0x30 [ 12.977315] [ 12.977385] The buggy address belongs to the object at ffff8881025a7fe0 [ 12.977385] which belongs to the cache kmalloc-16 of size 16 [ 12.977751] The buggy address is located 8 bytes inside of [ 12.977751] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 12.978268] [ 12.978366] The buggy address belongs to the physical page: [ 12.978723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 12.978980] flags: 0x200000000000000(node=0|zone=2) [ 12.979579] page_type: f5(slab) [ 12.979767] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.980130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.980471] page dumped because: kasan: bad access detected [ 12.980730] [ 12.980800] Memory state around the buggy address: [ 12.981041] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 12.981308] ffff8881025a7f00: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.981522] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 12.982110] ^ [ 12.982350] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.982566] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.982914] ================================================================== [ 13.003165] ================================================================== [ 13.003501] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.004161] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.004505] [ 13.004640] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.004688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.004700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.004760] Call Trace: [ 13.004779] <TASK> [ 13.004795] dump_stack_lvl+0x73/0xb0 [ 13.004820] print_report+0xd1/0x650 [ 13.004844] ? __virt_addr_valid+0x1db/0x2d0 [ 13.004866] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.004887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.004910] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.004945] kasan_report+0x141/0x180 [ 13.004968] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.004997] kasan_check_range+0x10c/0x1c0 [ 13.005017] __kasan_check_write+0x18/0x20 [ 13.005036] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.005058] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.005081] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.005102] ? trace_hardirqs_on+0x37/0xe0 [ 13.005125] ? kasan_bitops_generic+0x92/0x1c0 [ 13.005149] kasan_bitops_generic+0x116/0x1c0 [ 13.005168] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.005189] ? __pfx_read_tsc+0x10/0x10 [ 13.005210] ? ktime_get_ts64+0x86/0x230 [ 13.005235] kunit_try_run_case+0x1a5/0x480 [ 13.005260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.005282] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.005306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.005329] ? __kthread_parkme+0x82/0x180 [ 13.005350] ? preempt_count_sub+0x50/0x80 [ 13.005376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.005400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.005422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.005445] kthread+0x337/0x6f0 [ 13.005462] ? trace_preempt_on+0x20/0xc0 [ 13.005484] ? __pfx_kthread+0x10/0x10 [ 13.005502] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.005523] ? calculate_sigpending+0x7b/0xa0 [ 13.005544] ? __pfx_kthread+0x10/0x10 [ 13.005563] ret_from_fork+0x41/0x80 [ 13.005582] ? __pfx_kthread+0x10/0x10 [ 13.005600] ret_from_fork_asm+0x1a/0x30 [ 13.005631] </TASK> [ 13.005641] [ 13.013950] Allocated by task 280: [ 13.014145] kasan_save_stack+0x45/0x70 [ 13.014357] kasan_save_track+0x18/0x40 [ 13.014547] kasan_save_alloc_info+0x3b/0x50 [ 13.014799] __kasan_kmalloc+0xb7/0xc0 [ 13.014999] __kmalloc_cache_noprof+0x189/0x420 [ 13.015176] kasan_bitops_generic+0x92/0x1c0 [ 13.015369] kunit_try_run_case+0x1a5/0x480 [ 13.015518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.016022] kthread+0x337/0x6f0 [ 13.016177] ret_from_fork+0x41/0x80 [ 13.016354] ret_from_fork_asm+0x1a/0x30 [ 13.016537] [ 13.016666] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.016666] which belongs to the cache kmalloc-16 of size 16 [ 13.017146] The buggy address is located 8 bytes inside of [ 13.017146] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.017541] [ 13.017620] The buggy address belongs to the physical page: [ 13.017794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.018476] flags: 0x200000000000000(node=0|zone=2) [ 13.019824] page_type: f5(slab) [ 13.020265] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.020779] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.021309] page dumped because: kasan: bad 
access detected [ 13.021554] [ 13.021818] Memory state around the buggy address: [ 13.022220] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.022519] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.023285] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.023565] ^ [ 13.023849] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.024262] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.024516] ================================================================== [ 12.983459] ================================================================== [ 12.984201] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.984585] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 12.984809] [ 12.984897] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.984960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.984972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.984993] Call Trace: [ 12.985011] <TASK> [ 12.985029] dump_stack_lvl+0x73/0xb0 [ 12.985055] print_report+0xd1/0x650 [ 12.985077] ? __virt_addr_valid+0x1db/0x2d0 [ 12.985099] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.985120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.985143] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.985165] kasan_report+0x141/0x180 [ 12.985188] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.985214] kasan_check_range+0x10c/0x1c0 [ 12.985234] __kasan_check_write+0x18/0x20 [ 12.985254] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.985276] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.985299] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.985322] ? trace_hardirqs_on+0x37/0xe0 [ 12.985345] ? kasan_bitops_generic+0x92/0x1c0 [ 12.985370] kasan_bitops_generic+0x116/0x1c0 [ 12.985390] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.985413] ? 
__pfx_read_tsc+0x10/0x10 [ 12.985432] ? ktime_get_ts64+0x86/0x230 [ 12.985458] kunit_try_run_case+0x1a5/0x480 [ 12.985483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.985505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.985529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.985552] ? __kthread_parkme+0x82/0x180 [ 12.985635] ? preempt_count_sub+0x50/0x80 [ 12.985668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.985692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.985746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.985770] kthread+0x337/0x6f0 [ 12.985788] ? trace_preempt_on+0x20/0xc0 [ 12.985810] ? __pfx_kthread+0x10/0x10 [ 12.985829] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.985850] ? calculate_sigpending+0x7b/0xa0 [ 12.985873] ? __pfx_kthread+0x10/0x10 [ 12.985890] ret_from_fork+0x41/0x80 [ 12.985911] ? __pfx_kthread+0x10/0x10 [ 12.985941] ret_from_fork_asm+0x1a/0x30 [ 12.985973] </TASK> [ 12.985983] [ 12.994278] Allocated by task 280: [ 12.994469] kasan_save_stack+0x45/0x70 [ 12.995019] kasan_save_track+0x18/0x40 [ 12.995234] kasan_save_alloc_info+0x3b/0x50 [ 12.995402] __kasan_kmalloc+0xb7/0xc0 [ 12.995617] __kmalloc_cache_noprof+0x189/0x420 [ 12.995868] kasan_bitops_generic+0x92/0x1c0 [ 12.996078] kunit_try_run_case+0x1a5/0x480 [ 12.996225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.996480] kthread+0x337/0x6f0 [ 12.996765] ret_from_fork+0x41/0x80 [ 12.996937] ret_from_fork_asm+0x1a/0x30 [ 12.997122] [ 12.997212] The buggy address belongs to the object at ffff8881025a7fe0 [ 12.997212] which belongs to the cache kmalloc-16 of size 16 [ 12.997641] The buggy address is located 8 bytes inside of [ 12.997641] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 12.998325] [ 12.998405] The buggy address belongs to the physical page: [ 12.998674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 12.999106] flags: 0x200000000000000(node=0|zone=2) [ 12.999270] page_type: f5(slab) [ 12.999394] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 12.999623] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.999846] page dumped because: kasan: bad access detected [ 13.000212] [ 13.000311] Memory state around the buggy address: [ 13.000534] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.001228] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.001573] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.001931] ^ [ 13.002147] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.002364] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.002580] ================================================================== [ 12.923731] ================================================================== [ 12.924277] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.924964] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 12.925271] [ 12.925377] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.925429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.925441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.925464] Call Trace: [ 12.925476] <TASK> [ 12.925495] dump_stack_lvl+0x73/0xb0 [ 12.925524] print_report+0xd1/0x650 [ 12.925547] ? __virt_addr_valid+0x1db/0x2d0 [ 12.925570] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.925591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.925615] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.925637] kasan_report+0x141/0x180 [ 12.925660] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.925687] kasan_check_range+0x10c/0x1c0 [ 12.925707] __kasan_check_write+0x18/0x20 [ 12.926156] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.926183] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.926205] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.926230] ? 
trace_hardirqs_on+0x37/0xe0 [ 12.926254] ? kasan_bitops_generic+0x92/0x1c0 [ 12.926278] kasan_bitops_generic+0x116/0x1c0 [ 12.926299] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.926320] ? __pfx_read_tsc+0x10/0x10 [ 12.926340] ? ktime_get_ts64+0x86/0x230 [ 12.926366] kunit_try_run_case+0x1a5/0x480 [ 12.926392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.926414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.926438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.926461] ? __kthread_parkme+0x82/0x180 [ 12.926483] ? preempt_count_sub+0x50/0x80 [ 12.926510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.926533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.926555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.926579] kthread+0x337/0x6f0 [ 12.926595] ? trace_preempt_on+0x20/0xc0 [ 12.926619] ? __pfx_kthread+0x10/0x10 [ 12.926638] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.926659] ? calculate_sigpending+0x7b/0xa0 [ 12.926681] ? __pfx_kthread+0x10/0x10 [ 12.926699] ret_from_fork+0x41/0x80 [ 12.926721] ? 
__pfx_kthread+0x10/0x10 [ 12.926738] ret_from_fork_asm+0x1a/0x30 [ 12.926771] </TASK> [ 12.926782] [ 12.935379] Allocated by task 280: [ 12.935527] kasan_save_stack+0x45/0x70 [ 12.935974] kasan_save_track+0x18/0x40 [ 12.936168] kasan_save_alloc_info+0x3b/0x50 [ 12.936334] __kasan_kmalloc+0xb7/0xc0 [ 12.936468] __kmalloc_cache_noprof+0x189/0x420 [ 12.936632] kasan_bitops_generic+0x92/0x1c0 [ 12.936835] kunit_try_run_case+0x1a5/0x480 [ 12.937057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.937388] kthread+0x337/0x6f0 [ 12.937531] ret_from_fork+0x41/0x80 [ 12.937682] ret_from_fork_asm+0x1a/0x30 [ 12.937821] [ 12.937891] The buggy address belongs to the object at ffff8881025a7fe0 [ 12.937891] which belongs to the cache kmalloc-16 of size 16 [ 12.938900] The buggy address is located 8 bytes inside of [ 12.938900] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 12.939416] [ 12.939522] The buggy address belongs to the physical page: [ 12.939832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 12.940172] flags: 0x200000000000000(node=0|zone=2) [ 12.940364] page_type: f5(slab) [ 12.940490] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.940950] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.941232] page dumped because: kasan: bad access detected [ 12.941403] [ 12.941471] Memory state around the buggy address: [ 12.941627] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 12.942173] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.942492] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 12.942926] ^ [ 12.943238] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.943541] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.943965] ================================================================== [ 13.044677] 
================================================================== [ 13.045248] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.045651] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.045995] [ 13.046087] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.046135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.046148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.046169] Call Trace: [ 13.046187] <TASK> [ 13.046205] dump_stack_lvl+0x73/0xb0 [ 13.046231] print_report+0xd1/0x650 [ 13.046253] ? __virt_addr_valid+0x1db/0x2d0 [ 13.046275] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.046297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.046318] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.046340] kasan_report+0x141/0x180 [ 13.046363] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.046390] kasan_check_range+0x10c/0x1c0 [ 13.046409] __kasan_check_write+0x18/0x20 [ 13.046432] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.046454] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.046476] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.046497] ? trace_hardirqs_on+0x37/0xe0 [ 13.046519] ? kasan_bitops_generic+0x92/0x1c0 [ 13.046543] kasan_bitops_generic+0x116/0x1c0 [ 13.046563] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.046585] ? __pfx_read_tsc+0x10/0x10 [ 13.046604] ? ktime_get_ts64+0x86/0x230 [ 13.046630] kunit_try_run_case+0x1a5/0x480 [ 13.046654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.046677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.046701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.046743] ? __kthread_parkme+0x82/0x180 [ 13.046766] ? preempt_count_sub+0x50/0x80 [ 13.046791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.046814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.046838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.046860] kthread+0x337/0x6f0 [ 13.046877] ? 
trace_preempt_on+0x20/0xc0 [ 13.046899] ? __pfx_kthread+0x10/0x10 [ 13.046927] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.046948] ? calculate_sigpending+0x7b/0xa0 [ 13.046970] ? __pfx_kthread+0x10/0x10 [ 13.046989] ret_from_fork+0x41/0x80 [ 13.047009] ? __pfx_kthread+0x10/0x10 [ 13.047027] ret_from_fork_asm+0x1a/0x30 [ 13.047059] </TASK> [ 13.047070] [ 13.055678] Allocated by task 280: [ 13.056089] kasan_save_stack+0x45/0x70 [ 13.056302] kasan_save_track+0x18/0x40 [ 13.056439] kasan_save_alloc_info+0x3b/0x50 [ 13.056620] __kasan_kmalloc+0xb7/0xc0 [ 13.056935] __kmalloc_cache_noprof+0x189/0x420 [ 13.057160] kasan_bitops_generic+0x92/0x1c0 [ 13.057369] kunit_try_run_case+0x1a5/0x480 [ 13.057562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057746] kthread+0x337/0x6f0 [ 13.057866] ret_from_fork+0x41/0x80 [ 13.058009] ret_from_fork_asm+0x1a/0x30 [ 13.058202] [ 13.058299] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.058299] which belongs to the cache kmalloc-16 of size 16 [ 13.058954] The buggy address is located 8 bytes inside of [ 13.058954] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.059408] [ 13.059504] The buggy address belongs to the physical page: [ 13.060054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.060371] flags: 0x200000000000000(node=0|zone=2) [ 13.060588] page_type: f5(slab) [ 13.060714] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.061021] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.061361] page dumped because: kasan: bad access detected [ 13.061654] [ 13.061773] Memory state around the buggy address: [ 13.061989] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.062284] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.062558] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.062913] ^ [ 13.063130] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 13.063428] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.063742] ================================================================== [ 12.944531] ================================================================== [ 12.944817] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.945532] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 12.946100] [ 12.946219] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.946266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.946278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.946300] Call Trace: [ 12.946318] <TASK> [ 12.946336] dump_stack_lvl+0x73/0xb0 [ 12.946362] print_report+0xd1/0x650 [ 12.946385] ? __virt_addr_valid+0x1db/0x2d0 [ 12.946407] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.946429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.946452] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.946474] kasan_report+0x141/0x180 [ 12.946497] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.946524] kasan_check_range+0x10c/0x1c0 [ 12.946546] __kasan_check_write+0x18/0x20 [ 12.946565] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.946588] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.946611] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.946632] ? trace_hardirqs_on+0x37/0xe0 [ 12.946655] ? kasan_bitops_generic+0x92/0x1c0 [ 12.946679] kasan_bitops_generic+0x116/0x1c0 [ 12.946698] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.946739] ? __pfx_read_tsc+0x10/0x10 [ 12.946759] ? ktime_get_ts64+0x86/0x230 [ 12.946784] kunit_try_run_case+0x1a5/0x480 [ 12.946810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.946832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.946855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.946879] ? __kthread_parkme+0x82/0x180 [ 12.946900] ? preempt_count_sub+0x50/0x80 [ 12.946941] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.946965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.946987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.947010] kthread+0x337/0x6f0 [ 12.947027] ? trace_preempt_on+0x20/0xc0 [ 12.947048] ? __pfx_kthread+0x10/0x10 [ 12.947066] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.947087] ? calculate_sigpending+0x7b/0xa0 [ 12.947109] ? __pfx_kthread+0x10/0x10 [ 12.947127] ret_from_fork+0x41/0x80 [ 12.947148] ? __pfx_kthread+0x10/0x10 [ 12.947165] ret_from_fork_asm+0x1a/0x30 [ 12.947196] </TASK> [ 12.947208] [ 12.955447] Allocated by task 280: [ 12.955666] kasan_save_stack+0x45/0x70 [ 12.955876] kasan_save_track+0x18/0x40 [ 12.956077] kasan_save_alloc_info+0x3b/0x50 [ 12.956294] __kasan_kmalloc+0xb7/0xc0 [ 12.956578] __kmalloc_cache_noprof+0x189/0x420 [ 12.956727] kasan_bitops_generic+0x92/0x1c0 [ 12.956871] kunit_try_run_case+0x1a5/0x480 [ 12.957024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.957512] kthread+0x337/0x6f0 [ 12.957823] ret_from_fork+0x41/0x80 [ 12.958018] ret_from_fork_asm+0x1a/0x30 [ 12.958218] [ 12.958314] The buggy address belongs to the object at ffff8881025a7fe0 [ 12.958314] which belongs to the cache kmalloc-16 of size 16 [ 12.958732] The buggy address is located 8 bytes inside of [ 12.958732] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 12.959092] [ 12.959182] The buggy address belongs to the physical page: [ 12.959448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 12.960458] flags: 0x200000000000000(node=0|zone=2) [ 12.960733] page_type: f5(slab) [ 12.960987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.961268] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.961572] page dumped because: kasan: bad access detected [ 12.961983] [ 12.962079] Memory state around the buggy address: [ 12.962258] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 12.962540] ffff8881025a7f00: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.962784] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 12.963100] ^ [ 12.963300] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.963513] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.963725] ================================================================== [ 13.064523] ================================================================== [ 13.064804] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.065135] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.065357] [ 13.065446] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.065492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.065504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.065525] Call Trace: [ 13.065559] <TASK> [ 13.065578] dump_stack_lvl+0x73/0xb0 [ 13.065602] print_report+0xd1/0x650 [ 13.065624] ? __virt_addr_valid+0x1db/0x2d0 [ 13.065646] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.065667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.065690] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.065712] kasan_report+0x141/0x180 [ 13.065734] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.065760] kasan_check_range+0x10c/0x1c0 [ 13.065781] __kasan_check_write+0x18/0x20 [ 13.065800] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.065822] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.065845] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.065868] ? trace_hardirqs_on+0x37/0xe0 [ 13.065893] ? kasan_bitops_generic+0x92/0x1c0 [ 13.065929] kasan_bitops_generic+0x116/0x1c0 [ 13.065950] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.065972] ? __pfx_read_tsc+0x10/0x10 [ 13.065991] ? ktime_get_ts64+0x86/0x230 [ 13.066018] kunit_try_run_case+0x1a5/0x480 [ 13.066044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.066066] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.066090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.066114] ? __kthread_parkme+0x82/0x180 [ 13.066137] ? preempt_count_sub+0x50/0x80 [ 13.066163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.066187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.066211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.066234] kthread+0x337/0x6f0 [ 13.066250] ? trace_preempt_on+0x20/0xc0 [ 13.066272] ? __pfx_kthread+0x10/0x10 [ 13.066291] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.066312] ? calculate_sigpending+0x7b/0xa0 [ 13.066333] ? __pfx_kthread+0x10/0x10 [ 13.066352] ret_from_fork+0x41/0x80 [ 13.066372] ? __pfx_kthread+0x10/0x10 [ 13.066390] ret_from_fork_asm+0x1a/0x30 [ 13.066421] </TASK> [ 13.066432] [ 13.075200] Allocated by task 280: [ 13.075407] kasan_save_stack+0x45/0x70 [ 13.075613] kasan_save_track+0x18/0x40 [ 13.075853] kasan_save_alloc_info+0x3b/0x50 [ 13.076064] __kasan_kmalloc+0xb7/0xc0 [ 13.076253] __kmalloc_cache_noprof+0x189/0x420 [ 13.076433] kasan_bitops_generic+0x92/0x1c0 [ 13.076579] kunit_try_run_case+0x1a5/0x480 [ 13.076811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077085] kthread+0x337/0x6f0 [ 13.077258] ret_from_fork+0x41/0x80 [ 13.077443] ret_from_fork_asm+0x1a/0x30 [ 13.077750] [ 13.077853] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.077853] which belongs to the cache kmalloc-16 of size 16 [ 13.078273] The buggy address is located 8 bytes inside of [ 13.078273] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.078632] [ 13.078727] The buggy address belongs to the physical page: [ 13.078983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.079388] flags: 0x200000000000000(node=0|zone=2) [ 13.079753] page_type: f5(slab) [ 13.080055] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.080296] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.080523] page dumped because: kasan: bad 
access detected [ 13.081824] [ 13.082033] Memory state around the buggy address: [ 13.082424] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.083227] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.083685] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.084140] ^ [ 13.084423] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.085073] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.085376] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 12.897235] ================================================================== [ 12.897505] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 12.898070] Read of size 1 at addr ffff888102a07fd0 by task kunit_try_catch/278 [ 12.898384] [ 12.898492] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.898539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.898551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.898575] Call Trace: [ 12.898594] <TASK> [ 12.898613] dump_stack_lvl+0x73/0xb0 [ 12.898638] print_report+0xd1/0x650 [ 12.898661] ? __virt_addr_valid+0x1db/0x2d0 [ 12.898684] ? strnlen+0x73/0x80 [ 12.898701] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.898770] ? strnlen+0x73/0x80 [ 12.898791] kasan_report+0x141/0x180 [ 12.898813] ? strnlen+0x73/0x80 [ 12.898836] __asan_report_load1_noabort+0x18/0x20 [ 12.898858] strnlen+0x73/0x80 [ 12.898877] kasan_strings+0x615/0xe80 [ 12.898897] ? trace_hardirqs_on+0x37/0xe0 [ 12.898934] ? __pfx_kasan_strings+0x10/0x10 [ 12.898954] ? finish_task_switch.isra.0+0x153/0x700 [ 12.898979] ? __switch_to+0x5d9/0xf60 [ 12.898999] ? dequeue_task_fair+0x156/0x4e0 [ 12.899023] ? __schedule+0x10cc/0x2b60 [ 12.899046] ? __pfx_read_tsc+0x10/0x10 [ 12.899066] ? ktime_get_ts64+0x86/0x230 [ 12.899090] kunit_try_run_case+0x1a5/0x480 [ 12.899116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.899137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.899161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.899184] ? __kthread_parkme+0x82/0x180 [ 12.899206] ? preempt_count_sub+0x50/0x80 [ 12.899231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.899254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.899277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.899299] kthread+0x337/0x6f0 [ 12.899315] ? trace_preempt_on+0x20/0xc0 [ 12.899337] ? __pfx_kthread+0x10/0x10 [ 12.899355] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.899376] ? calculate_sigpending+0x7b/0xa0 [ 12.899397] ? 
__pfx_kthread+0x10/0x10 [ 12.899415] ret_from_fork+0x41/0x80 [ 12.899435] ? __pfx_kthread+0x10/0x10 [ 12.899453] ret_from_fork_asm+0x1a/0x30 [ 12.899485] </TASK> [ 12.899495] [ 12.908026] Allocated by task 278: [ 12.908422] kasan_save_stack+0x45/0x70 [ 12.908756] kasan_save_track+0x18/0x40 [ 12.908966] kasan_save_alloc_info+0x3b/0x50 [ 12.909171] __kasan_kmalloc+0xb7/0xc0 [ 12.909349] __kmalloc_cache_noprof+0x189/0x420 [ 12.909616] kasan_strings+0xc0/0xe80 [ 12.909875] kunit_try_run_case+0x1a5/0x480 [ 12.910037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.910212] kthread+0x337/0x6f0 [ 12.910328] ret_from_fork+0x41/0x80 [ 12.910512] ret_from_fork_asm+0x1a/0x30 [ 12.910870] [ 12.910983] Freed by task 278: [ 12.911140] kasan_save_stack+0x45/0x70 [ 12.911329] kasan_save_track+0x18/0x40 [ 12.911516] kasan_save_free_info+0x3f/0x60 [ 12.912032] __kasan_slab_free+0x56/0x70 [ 12.912224] kfree+0x222/0x3f0 [ 12.912378] kasan_strings+0x2aa/0xe80 [ 12.912566] kunit_try_run_case+0x1a5/0x480 [ 12.912727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912981] kthread+0x337/0x6f0 [ 12.913113] ret_from_fork+0x41/0x80 [ 12.913286] ret_from_fork_asm+0x1a/0x30 [ 12.913453] [ 12.913536] The buggy address belongs to the object at ffff888102a07fc0 [ 12.913536] which belongs to the cache kmalloc-32 of size 32 [ 12.914054] The buggy address is located 16 bytes inside of [ 12.914054] freed 32-byte region [ffff888102a07fc0, ffff888102a07fe0) [ 12.914404] [ 12.914475] The buggy address belongs to the physical page: [ 12.914903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 12.915273] flags: 0x200000000000000(node=0|zone=2) [ 12.915513] page_type: f5(slab) [ 12.915684] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.915956] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 12.916182] page dumped because: kasan: bad access detected [ 12.916364] [ 12.916480] Memory state around the buggy address: [ 
12.917069] ffff888102a07e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.917401] ffff888102a07f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.917933] >ffff888102a07f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.918152] ^ [ 12.918373] ffff888102a08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.918684] ffff888102a08080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 12.875476] ================================================================== [ 12.875887] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 12.876197] Read of size 1 at addr ffff888102a07fd0 by task kunit_try_catch/278 [ 12.876439] [ 12.876527] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.876576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.876588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.876610] Call Trace: [ 12.876629] <TASK> [ 12.876646] dump_stack_lvl+0x73/0xb0 [ 12.876669] print_report+0xd1/0x650 [ 12.876693] ? __virt_addr_valid+0x1db/0x2d0 [ 12.876714] ? strlen+0x8f/0xb0 [ 12.876732] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.876755] ? strlen+0x8f/0xb0 [ 12.876773] kasan_report+0x141/0x180 [ 12.876795] ? strlen+0x8f/0xb0 [ 12.876818] __asan_report_load1_noabort+0x18/0x20 [ 12.876839] strlen+0x8f/0xb0 [ 12.876859] kasan_strings+0x57b/0xe80 [ 12.876878] ? trace_hardirqs_on+0x37/0xe0 [ 12.876901] ? __pfx_kasan_strings+0x10/0x10 [ 12.876934] ? finish_task_switch.isra.0+0x153/0x700 [ 12.876960] ? __switch_to+0x5d9/0xf60 [ 12.876981] ? dequeue_task_fair+0x156/0x4e0 [ 12.877006] ? __schedule+0x10cc/0x2b60 [ 12.877028] ? __pfx_read_tsc+0x10/0x10 [ 12.877048] ? ktime_get_ts64+0x86/0x230 [ 12.877075] kunit_try_run_case+0x1a5/0x480 [ 12.877101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.877123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.877146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.877170] ? __kthread_parkme+0x82/0x180 [ 12.877192] ? preempt_count_sub+0x50/0x80 [ 12.877217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.877240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.877263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.877286] kthread+0x337/0x6f0 [ 12.877314] ? trace_preempt_on+0x20/0xc0 [ 12.877336] ? __pfx_kthread+0x10/0x10 [ 12.877353] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.877374] ? calculate_sigpending+0x7b/0xa0 [ 12.877396] ? 
__pfx_kthread+0x10/0x10 [ 12.877414] ret_from_fork+0x41/0x80 [ 12.877435] ? __pfx_kthread+0x10/0x10 [ 12.877453] ret_from_fork_asm+0x1a/0x30 [ 12.877483] </TASK> [ 12.877493] [ 12.885945] Allocated by task 278: [ 12.886103] kasan_save_stack+0x45/0x70 [ 12.886259] kasan_save_track+0x18/0x40 [ 12.886394] kasan_save_alloc_info+0x3b/0x50 [ 12.886539] __kasan_kmalloc+0xb7/0xc0 [ 12.886723] __kmalloc_cache_noprof+0x189/0x420 [ 12.886946] kasan_strings+0xc0/0xe80 [ 12.887135] kunit_try_run_case+0x1a5/0x480 [ 12.887340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.887970] kthread+0x337/0x6f0 [ 12.888101] ret_from_fork+0x41/0x80 [ 12.888233] ret_from_fork_asm+0x1a/0x30 [ 12.888379] [ 12.888448] Freed by task 278: [ 12.888558] kasan_save_stack+0x45/0x70 [ 12.888695] kasan_save_track+0x18/0x40 [ 12.888851] kasan_save_free_info+0x3f/0x60 [ 12.889208] __kasan_slab_free+0x56/0x70 [ 12.889412] kfree+0x222/0x3f0 [ 12.889573] kasan_strings+0x2aa/0xe80 [ 12.889762] kunit_try_run_case+0x1a5/0x480 [ 12.890011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.890268] kthread+0x337/0x6f0 [ 12.890434] ret_from_fork+0x41/0x80 [ 12.890616] ret_from_fork_asm+0x1a/0x30 [ 12.890809] [ 12.890905] The buggy address belongs to the object at ffff888102a07fc0 [ 12.890905] which belongs to the cache kmalloc-32 of size 32 [ 12.891297] The buggy address is located 16 bytes inside of [ 12.891297] freed 32-byte region [ffff888102a07fc0, ffff888102a07fe0) [ 12.892061] [ 12.892173] The buggy address belongs to the physical page: [ 12.892438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 12.892878] flags: 0x200000000000000(node=0|zone=2) [ 12.893066] page_type: f5(slab) [ 12.893193] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.893424] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 12.893898] page dumped because: kasan: bad access detected [ 12.894170] [ 12.894267] Memory state around the buggy address: [ 
12.894497] ffff888102a07e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.894938] ffff888102a07f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.895224] >ffff888102a07f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.895522] ^ [ 12.896042] ffff888102a08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.896353] ffff888102a08080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.896651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 12.853156] ================================================================== [ 12.853788] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 12.854150] Read of size 1 at addr ffff888102a07fd0 by task kunit_try_catch/278 [ 12.854456] [ 12.854550] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.854597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.854609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.854630] Call Trace: [ 12.854648] <TASK> [ 12.854667] dump_stack_lvl+0x73/0xb0 [ 12.854691] print_report+0xd1/0x650 [ 12.854736] ? __virt_addr_valid+0x1db/0x2d0 [ 12.854758] ? kasan_strings+0xcbc/0xe80 [ 12.854779] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.854803] ? kasan_strings+0xcbc/0xe80 [ 12.854825] kasan_report+0x141/0x180 [ 12.854848] ? kasan_strings+0xcbc/0xe80 [ 12.854874] __asan_report_load1_noabort+0x18/0x20 [ 12.854894] kasan_strings+0xcbc/0xe80 [ 12.854914] ? trace_hardirqs_on+0x37/0xe0 [ 12.854948] ? __pfx_kasan_strings+0x10/0x10 [ 12.854968] ? finish_task_switch.isra.0+0x153/0x700 [ 12.854992] ? __switch_to+0x5d9/0xf60 [ 12.855012] ? dequeue_task_fair+0x156/0x4e0 [ 12.855036] ? __schedule+0x10cc/0x2b60 [ 12.855059] ? __pfx_read_tsc+0x10/0x10 [ 12.855078] ? ktime_get_ts64+0x86/0x230 [ 12.855103] kunit_try_run_case+0x1a5/0x480 [ 12.855128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.855150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.855174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.855197] ? __kthread_parkme+0x82/0x180 [ 12.855218] ? preempt_count_sub+0x50/0x80 [ 12.855244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.855267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.855290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.855313] kthread+0x337/0x6f0 [ 12.855329] ? trace_preempt_on+0x20/0xc0 [ 12.855351] ? __pfx_kthread+0x10/0x10 [ 12.855368] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.855389] ? calculate_sigpending+0x7b/0xa0 [ 12.855411] ? 
__pfx_kthread+0x10/0x10 [ 12.855429] ret_from_fork+0x41/0x80 [ 12.855449] ? __pfx_kthread+0x10/0x10 [ 12.855466] ret_from_fork_asm+0x1a/0x30 [ 12.855497] </TASK> [ 12.855507] [ 12.863564] Allocated by task 278: [ 12.863704] kasan_save_stack+0x45/0x70 [ 12.863853] kasan_save_track+0x18/0x40 [ 12.864258] kasan_save_alloc_info+0x3b/0x50 [ 12.864478] __kasan_kmalloc+0xb7/0xc0 [ 12.864854] __kmalloc_cache_noprof+0x189/0x420 [ 12.865097] kasan_strings+0xc0/0xe80 [ 12.865286] kunit_try_run_case+0x1a5/0x480 [ 12.865497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.865746] kthread+0x337/0x6f0 [ 12.865914] ret_from_fork+0x41/0x80 [ 12.866107] ret_from_fork_asm+0x1a/0x30 [ 12.866306] [ 12.866399] Freed by task 278: [ 12.866568] kasan_save_stack+0x45/0x70 [ 12.866701] kasan_save_track+0x18/0x40 [ 12.866899] kasan_save_free_info+0x3f/0x60 [ 12.867124] __kasan_slab_free+0x56/0x70 [ 12.867324] kfree+0x222/0x3f0 [ 12.867481] kasan_strings+0x2aa/0xe80 [ 12.867708] kunit_try_run_case+0x1a5/0x480 [ 12.867889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868118] kthread+0x337/0x6f0 [ 12.868277] ret_from_fork+0x41/0x80 [ 12.868438] ret_from_fork_asm+0x1a/0x30 [ 12.868820] [ 12.868943] The buggy address belongs to the object at ffff888102a07fc0 [ 12.868943] which belongs to the cache kmalloc-32 of size 32 [ 12.869376] The buggy address is located 16 bytes inside of [ 12.869376] freed 32-byte region [ffff888102a07fc0, ffff888102a07fe0) [ 12.870002] [ 12.870248] The buggy address belongs to the physical page: [ 12.870452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 12.871051] flags: 0x200000000000000(node=0|zone=2) [ 12.871229] page_type: f5(slab) [ 12.871355] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.871593] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 12.871947] page dumped because: kasan: bad access detected [ 12.872205] [ 12.872402] Memory state around the buggy address: [ 
12.872952] ffff888102a07e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.873267] ffff888102a07f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.873510] >ffff888102a07f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.873724] ^ [ 12.873904] ffff888102a08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.874226] ffff888102a08080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874669] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 12.777211] ================================================================== [ 12.777661] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 12.778032] Read of size 1 at addr ffff888103a5fc4a by task kunit_try_catch/272 [ 12.778385] [ 12.778508] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.778559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.778571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.778594] Call Trace: [ 12.778607] <TASK> [ 12.778625] dump_stack_lvl+0x73/0xb0 [ 12.778652] print_report+0xd1/0x650 [ 12.778677] ? __virt_addr_valid+0x1db/0x2d0 [ 12.778700] ? kasan_alloca_oob_right+0x329/0x390 [ 12.778722] ? kasan_addr_to_slab+0x11/0xa0 [ 12.778743] ? kasan_alloca_oob_right+0x329/0x390 [ 12.778766] kasan_report+0x141/0x180 [ 12.778868] ? kasan_alloca_oob_right+0x329/0x390 [ 12.778902] __asan_report_load1_noabort+0x18/0x20 [ 12.778938] kasan_alloca_oob_right+0x329/0x390 [ 12.778963] ? finish_task_switch.isra.0+0x153/0x700 [ 12.778988] ? rwsem_down_read_slowpath+0x6be/0xb90 [ 12.779011] ? trace_hardirqs_on+0x37/0xe0 [ 12.779037] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 12.779063] ? __schedule+0x10cc/0x2b60 [ 12.779086] ? __pfx_read_tsc+0x10/0x10 [ 12.779106] ? ktime_get_ts64+0x86/0x230 [ 12.779131] kunit_try_run_case+0x1a5/0x480 [ 12.779157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.779178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.779203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.779226] ? __kthread_parkme+0x82/0x180 [ 12.779248] ? preempt_count_sub+0x50/0x80 [ 12.779272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.779295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.779318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.779341] kthread+0x337/0x6f0 [ 12.779357] ? trace_preempt_on+0x20/0xc0 [ 12.779379] ? __pfx_kthread+0x10/0x10 [ 12.779397] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.779418] ? 
calculate_sigpending+0x7b/0xa0 [ 12.779439] ? __pfx_kthread+0x10/0x10 [ 12.779457] ret_from_fork+0x41/0x80 [ 12.779477] ? __pfx_kthread+0x10/0x10 [ 12.779494] ret_from_fork_asm+0x1a/0x30 [ 12.779525] </TASK> [ 12.779536] [ 12.787707] The buggy address belongs to stack of task kunit_try_catch/272 [ 12.788058] [ 12.788154] The buggy address belongs to the physical page: [ 12.788423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5f [ 12.788767] flags: 0x200000000000000(node=0|zone=2) [ 12.789031] raw: 0200000000000000 ffffea00040e97c8 ffffea00040e97c8 0000000000000000 [ 12.789357] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.789800] page dumped because: kasan: bad access detected [ 12.790028] [ 12.790121] Memory state around the buggy address: [ 12.790349] ffff888103a5fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.790646] ffff888103a5fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.790945] >ffff888103a5fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.791220] ^ [ 12.791465] ffff888103a5fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.791764] ffff888103a5fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.792076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 12.754992] ================================================================== [ 12.755468] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 12.755866] Read of size 1 at addr ffff888103a6fc3f by task kunit_try_catch/270 [ 12.756386] [ 12.756488] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.756538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.756550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.756572] Call Trace: [ 12.756583] <TASK> [ 12.756601] dump_stack_lvl+0x73/0xb0 [ 12.756630] print_report+0xd1/0x650 [ 12.756652] ? __virt_addr_valid+0x1db/0x2d0 [ 12.756675] ? kasan_alloca_oob_left+0x320/0x380 [ 12.756698] ? kasan_addr_to_slab+0x11/0xa0 [ 12.756733] ? kasan_alloca_oob_left+0x320/0x380 [ 12.756757] kasan_report+0x141/0x180 [ 12.756779] ? kasan_alloca_oob_left+0x320/0x380 [ 12.756807] __asan_report_load1_noabort+0x18/0x20 [ 12.756828] kasan_alloca_oob_left+0x320/0x380 [ 12.756852] ? finish_task_switch.isra.0+0x153/0x700 [ 12.756877] ? rwsem_down_read_slowpath+0x6be/0xb90 [ 12.756900] ? trace_hardirqs_on+0x37/0xe0 [ 12.756938] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.756960] ? __kasan_check_write+0x18/0x20 [ 12.756980] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.757006] ? trace_hardirqs_on+0x37/0xe0 [ 12.757028] ? __pfx_read_tsc+0x10/0x10 [ 12.757048] ? ktime_get_ts64+0x86/0x230 [ 12.757074] kunit_try_run_case+0x1a5/0x480 [ 12.757099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757124] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.757147] ? __kthread_parkme+0x82/0x180 [ 12.757169] ? preempt_count_sub+0x50/0x80 [ 12.757193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.757243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.757265] kthread+0x337/0x6f0 [ 12.757282] ? trace_preempt_on+0x20/0xc0 [ 12.757304] ? __pfx_kthread+0x10/0x10 [ 12.757322] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.757345] ? calculate_sigpending+0x7b/0xa0 [ 12.757374] ? __pfx_kthread+0x10/0x10 [ 12.757393] ret_from_fork+0x41/0x80 [ 12.757413] ? __pfx_kthread+0x10/0x10 [ 12.757431] ret_from_fork_asm+0x1a/0x30 [ 12.757462] </TASK> [ 12.757473] [ 12.765721] The buggy address belongs to stack of task kunit_try_catch/270 [ 12.765991] [ 12.766066] The buggy address belongs to the physical page: [ 12.766242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6f [ 12.766491] flags: 0x200000000000000(node=0|zone=2) [ 12.766670] raw: 0200000000000000 ffffea00040e9bc8 ffffea00040e9bc8 0000000000000000 [ 12.766901] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.767137] page dumped because: kasan: bad access detected [ 12.767310] [ 12.767377] Memory state around the buggy address: [ 12.768009] ffff888103a6fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.768332] ffff888103a6fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.768663] >ffff888103a6fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.768985] ^ [ 12.769213] ffff888103a6fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.769500] ffff888103a6fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.769764] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 12.732027] ================================================================== [ 12.732684] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.733238] Read of size 1 at addr ffff888103a67d02 by task kunit_try_catch/268 [ 12.733535] [ 12.733649] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.733700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.733712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.733736] Call Trace: [ 12.733927] <TASK> [ 12.733954] dump_stack_lvl+0x73/0xb0 [ 12.733988] print_report+0xd1/0x650 [ 12.734014] ? __virt_addr_valid+0x1db/0x2d0 [ 12.734039] ? kasan_stack_oob+0x2b5/0x300 [ 12.734059] ? kasan_addr_to_slab+0x11/0xa0 [ 12.734080] ? kasan_stack_oob+0x2b5/0x300 [ 12.734101] kasan_report+0x141/0x180 [ 12.734124] ? kasan_stack_oob+0x2b5/0x300 [ 12.734149] __asan_report_load1_noabort+0x18/0x20 [ 12.734170] kasan_stack_oob+0x2b5/0x300 [ 12.734191] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.734215] ? __kasan_check_write+0x18/0x20 [ 12.734235] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.734260] ? irqentry_exit+0x2a/0x60 [ 12.734279] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.734306] ? __pfx_read_tsc+0x10/0x10 [ 12.734327] ? ktime_get_ts64+0x86/0x230 [ 12.734354] kunit_try_run_case+0x1a5/0x480 [ 12.734381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.734405] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.734429] ? __kthread_parkme+0x82/0x180 [ 12.734452] ? preempt_count_sub+0x50/0x80 [ 12.734478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.734501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.734525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.734548] kthread+0x337/0x6f0 [ 12.734577] ? trace_preempt_on+0x20/0xc0 [ 12.734602] ? __pfx_kthread+0x10/0x10 [ 12.734620] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.734642] ? calculate_sigpending+0x7b/0xa0 [ 12.734664] ? __pfx_kthread+0x10/0x10 [ 12.734683] ret_from_fork+0x41/0x80 [ 12.734703] ? 
__pfx_kthread+0x10/0x10 [ 12.734772] ret_from_fork_asm+0x1a/0x30 [ 12.734808] </TASK> [ 12.734820] [ 12.742483] The buggy address belongs to stack of task kunit_try_catch/268 [ 12.742957] and is located at offset 138 in frame: [ 12.743184] kasan_stack_oob+0x0/0x300 [ 12.743514] [ 12.743626] This frame has 4 objects: [ 12.744072] [48, 49) '__assertion' [ 12.744097] [64, 72) 'array' [ 12.744238] [96, 112) '__assertion' [ 12.744402] [128, 138) 'stack_array' [ 12.744574] [ 12.744849] The buggy address belongs to the physical page: [ 12.745080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 12.745395] flags: 0x200000000000000(node=0|zone=2) [ 12.745654] raw: 0200000000000000 ffffea00040e99c8 ffffea00040e99c8 0000000000000000 [ 12.745956] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.746206] page dumped because: kasan: bad access detected [ 12.746377] [ 12.746444] Memory state around the buggy address: [ 12.746628] ffff888103a67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.747216] ffff888103a67c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 12.747537] >ffff888103a67d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.747778] ^ [ 12.747893] ffff888103a67d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 12.748286] ffff888103a67e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.748646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 12.700010] ================================================================== [ 12.700546] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.701686] Read of size 1 at addr ffffffff8a64232d by task kunit_try_catch/264 [ 12.702616] [ 12.703015] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.703074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.703087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.703111] Call Trace: [ 12.703128] <TASK> [ 12.703147] dump_stack_lvl+0x73/0xb0 [ 12.703178] print_report+0xd1/0x650 [ 12.703202] ? __virt_addr_valid+0x1db/0x2d0 [ 12.703225] ? kasan_global_oob_right+0x286/0x2d0 [ 12.703247] ? kasan_addr_to_slab+0x11/0xa0 [ 12.703268] ? kasan_global_oob_right+0x286/0x2d0 [ 12.703291] kasan_report+0x141/0x180 [ 12.703312] ? kasan_global_oob_right+0x286/0x2d0 [ 12.703339] __asan_report_load1_noabort+0x18/0x20 [ 12.703359] kasan_global_oob_right+0x286/0x2d0 [ 12.703381] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.703406] ? __schedule+0x10cc/0x2b60 [ 12.703487] ? __pfx_read_tsc+0x10/0x10 [ 12.703527] ? ktime_get_ts64+0x86/0x230 [ 12.703671] kunit_try_run_case+0x1a5/0x480 [ 12.703704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.703751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.703775] ? __kthread_parkme+0x82/0x180 [ 12.703797] ? preempt_count_sub+0x50/0x80 [ 12.703823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.703870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.703893] kthread+0x337/0x6f0 [ 12.703909] ? trace_preempt_on+0x20/0xc0 [ 12.703995] ? __pfx_kthread+0x10/0x10 [ 12.704016] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.704038] ? calculate_sigpending+0x7b/0xa0 [ 12.704059] ? __pfx_kthread+0x10/0x10 [ 12.704077] ret_from_fork+0x41/0x80 [ 12.704099] ? 
__pfx_kthread+0x10/0x10 [ 12.704117] ret_from_fork_asm+0x1a/0x30 [ 12.704147] </TASK> [ 12.704159] [ 12.714588] The buggy address belongs to the variable: [ 12.715008] global_array+0xd/0x40 [ 12.715379] [ 12.715490] The buggy address belongs to the physical page: [ 12.716029] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51842 [ 12.716475] flags: 0x100000000002000(reserved|node=0|zone=1) [ 12.717007] raw: 0100000000002000 ffffea0001461088 ffffea0001461088 0000000000000000 [ 12.717440] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.717959] page dumped because: kasan: bad access detected [ 12.718313] [ 12.718475] Memory state around the buggy address: [ 12.718775] ffffffff8a642200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.719230] ffffffff8a642280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.719538] >ffffffff8a642300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 12.720099] ^ [ 12.720413] ffffffff8a642380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 12.720716] ffffffff8a642400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 12.721193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 12.648648] ================================================================== [ 12.649314] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650127] Free of addr ffff8881029f9d01 by task kunit_try_catch/260 [ 12.650423] [ 12.650522] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.650573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.650585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.650607] Call Trace: [ 12.650621] <TASK> [ 12.650641] dump_stack_lvl+0x73/0xb0 [ 12.650672] print_report+0xd1/0x650 [ 12.650696] ? __virt_addr_valid+0x1db/0x2d0 [ 12.650720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.650742] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650769] kasan_report_invalid_free+0x10a/0x130 [ 12.650793] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650820] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650844] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650869] check_slab_allocation+0x11f/0x130 [ 12.650891] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.650926] mempool_free+0x2ec/0x380 [ 12.650951] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.650977] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.651001] ? update_load_avg+0x1be/0x21b0 [ 12.651026] ? finish_task_switch.isra.0+0x153/0x700 [ 12.651054] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.651078] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.651102] ? dequeue_task_fair+0x166/0x4e0 [ 12.651124] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.651143] ? __pfx_mempool_kfree+0x10/0x10 [ 12.651166] ? __pfx_read_tsc+0x10/0x10 [ 12.651187] ? ktime_get_ts64+0x86/0x230 [ 12.651213] kunit_try_run_case+0x1a5/0x480 [ 12.651239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.651261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.651287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.651310] ? __kthread_parkme+0x82/0x180 [ 12.651332] ? 
preempt_count_sub+0x50/0x80 [ 12.651358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.651381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.651404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.651426] kthread+0x337/0x6f0 [ 12.651442] ? trace_preempt_on+0x20/0xc0 [ 12.651468] ? __pfx_kthread+0x10/0x10 [ 12.651487] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.651509] ? calculate_sigpending+0x7b/0xa0 [ 12.651531] ? __pfx_kthread+0x10/0x10 [ 12.651549] ret_from_fork+0x41/0x80 [ 12.651891] ? __pfx_kthread+0x10/0x10 [ 12.651936] ret_from_fork_asm+0x1a/0x30 [ 12.651969] </TASK> [ 12.651981] [ 12.662484] Allocated by task 260: [ 12.662679] kasan_save_stack+0x45/0x70 [ 12.662993] kasan_save_track+0x18/0x40 [ 12.663265] kasan_save_alloc_info+0x3b/0x50 [ 12.663457] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.663876] remove_element+0x11e/0x190 [ 12.664097] mempool_alloc_preallocated+0x4d/0x90 [ 12.664290] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.664471] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.664633] kunit_try_run_case+0x1a5/0x480 [ 12.664842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.665234] kthread+0x337/0x6f0 [ 12.665404] ret_from_fork+0x41/0x80 [ 12.665599] ret_from_fork_asm+0x1a/0x30 [ 12.665888] [ 12.665994] The buggy address belongs to the object at ffff8881029f9d00 [ 12.665994] which belongs to the cache kmalloc-128 of size 128 [ 12.666434] The buggy address is located 1 bytes inside of [ 12.666434] 128-byte region [ffff8881029f9d00, ffff8881029f9d80) [ 12.667096] [ 12.667197] The buggy address belongs to the physical page: [ 12.667425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 12.667784] flags: 0x200000000000000(node=0|zone=2) [ 12.667961] page_type: f5(slab) [ 12.668312] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.668663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.669120] page dumped because: kasan: bad access detected [ 
12.669348] [ 12.669466] Memory state around the buggy address: [ 12.669664] ffff8881029f9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.670070] ffff8881029f9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.670355] >ffff8881029f9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.670671] ^ [ 12.670947] ffff8881029f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.671243] ffff8881029f9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.671560] ================================================================== [ 12.674665] ================================================================== [ 12.675247] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.676194] Free of addr ffff888103a04001 by task kunit_try_catch/262 [ 12.676488] [ 12.676642] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.676692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.676772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.676797] Call Trace: [ 12.676821] <TASK> [ 12.676839] dump_stack_lvl+0x73/0xb0 [ 12.676869] print_report+0xd1/0x650 [ 12.676904] ? __virt_addr_valid+0x1db/0x2d0 [ 12.676937] ? kasan_addr_to_slab+0x11/0xa0 [ 12.676957] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.676984] kasan_report_invalid_free+0x10a/0x130 [ 12.677017] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.677047] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.677071] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.677106] mempool_free+0x2ec/0x380 [ 12.677130] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.677156] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.677180] ? update_load_avg+0x1be/0x21b0 [ 12.677202] ? update_load_avg+0x1be/0x21b0 [ 12.677220] ? update_curr+0x80/0x810 [ 12.677240] ? finish_task_switch.isra.0+0x153/0x700 [ 12.677267] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.677301] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.677326] ? dequeue_task_fair+0x156/0x4e0 [ 12.677347] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.677377] ? __pfx_mempool_kfree+0x10/0x10 [ 12.677398] ? __pfx_read_tsc+0x10/0x10 [ 12.677418] ? ktime_get_ts64+0x86/0x230 [ 12.677444] kunit_try_run_case+0x1a5/0x480 [ 12.677470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.677491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.677517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.677541] ? __kthread_parkme+0x82/0x180 [ 12.677582] ? preempt_count_sub+0x50/0x80 [ 12.677616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.677640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.677663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.677696] kthread+0x337/0x6f0 [ 12.677766] ? trace_preempt_on+0x20/0xc0 [ 12.677791] ? __pfx_kthread+0x10/0x10 [ 12.677809] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.677831] ? calculate_sigpending+0x7b/0xa0 [ 12.677853] ? __pfx_kthread+0x10/0x10 [ 12.677871] ret_from_fork+0x41/0x80 [ 12.677892] ? 
__pfx_kthread+0x10/0x10 [ 12.677910] ret_from_fork_asm+0x1a/0x30 [ 12.677951] </TASK> [ 12.677963] [ 12.688361] The buggy address belongs to the physical page: [ 12.688633] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04 [ 12.688973] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.689358] flags: 0x200000000000040(head|node=0|zone=2) [ 12.689598] page_type: f8(unknown) [ 12.689791] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.690160] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.690513] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.691111] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.691394] head: 0200000000000002 ffffea00040e8101 00000000ffffffff 00000000ffffffff [ 12.691872] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.692260] page dumped because: kasan: bad access detected [ 12.692493] [ 12.692620] Memory state around the buggy address: [ 12.692887] ffff888103a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.693156] ffff888103a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.693483] >ffff888103a04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.693832] ^ [ 12.694025] ffff888103a04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.694312] ffff888103a04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.694615] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 12.601269] ================================================================== [ 12.602498] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.602767] Free of addr ffff888103a04000 by task kunit_try_catch/256 [ 12.603210] [ 12.603340] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.603533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.603591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.603614] Call Trace: [ 12.603626] <TASK> [ 12.603645] dump_stack_lvl+0x73/0xb0 [ 12.603688] print_report+0xd1/0x650 [ 12.603712] ? __virt_addr_valid+0x1db/0x2d0 [ 12.603736] ? kasan_addr_to_slab+0x11/0xa0 [ 12.603785] ? mempool_double_free_helper+0x184/0x370 [ 12.603811] kasan_report_invalid_free+0x10a/0x130 [ 12.603836] ? mempool_double_free_helper+0x184/0x370 [ 12.603931] ? mempool_double_free_helper+0x184/0x370 [ 12.603954] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.603979] mempool_free+0x2ec/0x380 [ 12.604025] mempool_double_free_helper+0x184/0x370 [ 12.604049] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.604088] ? dequeue_entities+0x852/0x1740 [ 12.604122] ? finish_task_switch.isra.0+0x153/0x700 [ 12.604149] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.604173] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.604211] ? dequeue_task_fair+0x166/0x4e0 [ 12.604232] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.604257] ? __pfx_mempool_kfree+0x10/0x10 [ 12.604290] ? __pfx_read_tsc+0x10/0x10 [ 12.604311] ? ktime_get_ts64+0x86/0x230 [ 12.604337] kunit_try_run_case+0x1a5/0x480 [ 12.604363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.604410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.604433] ? __kthread_parkme+0x82/0x180 [ 12.604455] ? preempt_count_sub+0x50/0x80 [ 12.604480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.604526] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.604548] kthread+0x337/0x6f0 [ 12.604576] ? trace_preempt_on+0x20/0xc0 [ 12.604600] ? __pfx_kthread+0x10/0x10 [ 12.604617] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.604639] ? calculate_sigpending+0x7b/0xa0 [ 12.604661] ? __pfx_kthread+0x10/0x10 [ 12.604678] ret_from_fork+0x41/0x80 [ 12.604699] ? __pfx_kthread+0x10/0x10 [ 12.604788] ret_from_fork_asm+0x1a/0x30 [ 12.604825] </TASK> [ 12.604836] [ 12.615444] The buggy address belongs to the physical page: [ 12.615754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04 [ 12.616452] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.616875] flags: 0x200000000000040(head|node=0|zone=2) [ 12.617342] page_type: f8(unknown) [ 12.617550] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.618036] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.618414] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.618847] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.619306] head: 0200000000000002 ffffea00040e8101 00000000ffffffff 00000000ffffffff [ 12.619692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.620339] page dumped because: kasan: bad access detected [ 12.620610] [ 12.620721] Memory state around the buggy address: [ 12.621107] ffff888103a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.621482] ffff888103a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.621975] >ffff888103a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.622361] ^ [ 12.622528] ffff888103a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.622937] ffff888103a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.623322] ================================================================== [ 12.627340] ================================================================== [ 
12.627974] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.628464] Free of addr ffff8881039c4000 by task kunit_try_catch/258 [ 12.628767] [ 12.628884] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.628945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.628958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.629035] Call Trace: [ 12.629062] <TASK> [ 12.629083] dump_stack_lvl+0x73/0xb0 [ 12.629114] print_report+0xd1/0x650 [ 12.629138] ? __virt_addr_valid+0x1db/0x2d0 [ 12.629163] ? kasan_addr_to_slab+0x11/0xa0 [ 12.629216] ? mempool_double_free_helper+0x184/0x370 [ 12.629241] kasan_report_invalid_free+0x10a/0x130 [ 12.629277] ? mempool_double_free_helper+0x184/0x370 [ 12.629303] ? mempool_double_free_helper+0x184/0x370 [ 12.629352] __kasan_mempool_poison_pages+0x115/0x130 [ 12.629377] mempool_free+0x290/0x380 [ 12.629403] mempool_double_free_helper+0x184/0x370 [ 12.629438] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.629461] ? dequeue_entities+0x852/0x1740 [ 12.629487] ? finish_task_switch.isra.0+0x153/0x700 [ 12.629514] mempool_page_alloc_double_free+0xe8/0x140 [ 12.629535] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.629556] ? dequeue_task_fair+0x166/0x4e0 [ 12.629578] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.629598] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.629620] ? __pfx_read_tsc+0x10/0x10 [ 12.629641] ? ktime_get_ts64+0x86/0x230 [ 12.629667] kunit_try_run_case+0x1a5/0x480 [ 12.629694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.629731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.629756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.629779] ? __kthread_parkme+0x82/0x180 [ 12.629802] ? preempt_count_sub+0x50/0x80 [ 12.629826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.629849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.629871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.629894] kthread+0x337/0x6f0 [ 12.629910] ? 
trace_preempt_on+0x20/0xc0 [ 12.629944] ? __pfx_kthread+0x10/0x10 [ 12.629961] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.629983] ? calculate_sigpending+0x7b/0xa0 [ 12.630006] ? __pfx_kthread+0x10/0x10 [ 12.630023] ret_from_fork+0x41/0x80 [ 12.630044] ? __pfx_kthread+0x10/0x10 [ 12.630061] ret_from_fork_asm+0x1a/0x30 [ 12.630093] </TASK> [ 12.630105] [ 12.639861] The buggy address belongs to the physical page: [ 12.640179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 12.640547] flags: 0x200000000000000(node=0|zone=2) [ 12.640818] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.641195] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.641503] page dumped because: kasan: bad access detected [ 12.641787] [ 12.641855] Memory state around the buggy address: [ 12.642020] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.642374] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.642689] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.643038] ^ [ 12.643158] ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.643828] ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.644151] ================================================================== [ 12.572408] ================================================================== [ 12.573038] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.573472] Free of addr ffff888102f60c00 by task kunit_try_catch/254 [ 12.573764] [ 12.573945] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.573997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.574008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.574030] Call Trace: [ 12.574043] <TASK> [ 12.574063] dump_stack_lvl+0x73/0xb0 [ 12.574092] print_report+0xd1/0x650 [ 12.574116] ? 
__virt_addr_valid+0x1db/0x2d0 [ 12.574142] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.574165] ? mempool_double_free_helper+0x184/0x370 [ 12.574190] kasan_report_invalid_free+0x10a/0x130 [ 12.574215] ? mempool_double_free_helper+0x184/0x370 [ 12.574241] ? mempool_double_free_helper+0x184/0x370 [ 12.574263] ? mempool_double_free_helper+0x184/0x370 [ 12.574286] check_slab_allocation+0x101/0x130 [ 12.574308] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.574333] mempool_free+0x2ec/0x380 [ 12.574358] mempool_double_free_helper+0x184/0x370 [ 12.574383] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.574407] ? dequeue_entities+0x852/0x1740 [ 12.574433] ? finish_task_switch.isra.0+0x153/0x700 [ 12.574460] mempool_kmalloc_double_free+0xed/0x140 [ 12.574487] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 12.574510] ? dequeue_task_fair+0x166/0x4e0 [ 12.574532] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.574552] ? __pfx_mempool_kfree+0x10/0x10 [ 12.574584] ? __pfx_read_tsc+0x10/0x10 [ 12.574605] ? ktime_get_ts64+0x86/0x230 [ 12.574632] kunit_try_run_case+0x1a5/0x480 [ 12.574673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574695] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.574721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.574795] ? __kthread_parkme+0x82/0x180 [ 12.574822] ? preempt_count_sub+0x50/0x80 [ 12.574847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.574894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.574927] kthread+0x337/0x6f0 [ 12.574944] ? trace_preempt_on+0x20/0xc0 [ 12.574969] ? __pfx_kthread+0x10/0x10 [ 12.574987] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.575009] ? calculate_sigpending+0x7b/0xa0 [ 12.575031] ? __pfx_kthread+0x10/0x10 [ 12.575049] ret_from_fork+0x41/0x80 [ 12.575070] ? 
__pfx_kthread+0x10/0x10 [ 12.575088] ret_from_fork_asm+0x1a/0x30 [ 12.575119] </TASK> [ 12.575131] [ 12.584749] Allocated by task 254: [ 12.584895] kasan_save_stack+0x45/0x70 [ 12.585061] kasan_save_track+0x18/0x40 [ 12.585460] kasan_save_alloc_info+0x3b/0x50 [ 12.585897] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.586166] remove_element+0x11e/0x190 [ 12.586361] mempool_alloc_preallocated+0x4d/0x90 [ 12.586533] mempool_double_free_helper+0x8a/0x370 [ 12.586828] mempool_kmalloc_double_free+0xed/0x140 [ 12.587091] kunit_try_run_case+0x1a5/0x480 [ 12.587242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.587491] kthread+0x337/0x6f0 [ 12.587666] ret_from_fork+0x41/0x80 [ 12.587955] ret_from_fork_asm+0x1a/0x30 [ 12.588102] [ 12.588172] Freed by task 254: [ 12.588291] kasan_save_stack+0x45/0x70 [ 12.588483] kasan_save_track+0x18/0x40 [ 12.588841] kasan_save_free_info+0x3f/0x60 [ 12.589195] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.589543] mempool_free+0x2ec/0x380 [ 12.589751] mempool_double_free_helper+0x109/0x370 [ 12.590033] mempool_kmalloc_double_free+0xed/0x140 [ 12.590241] kunit_try_run_case+0x1a5/0x480 [ 12.590387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.590602] kthread+0x337/0x6f0 [ 12.590764] ret_from_fork+0x41/0x80 [ 12.591020] ret_from_fork_asm+0x1a/0x30 [ 12.591218] [ 12.591315] The buggy address belongs to the object at ffff888102f60c00 [ 12.591315] which belongs to the cache kmalloc-128 of size 128 [ 12.592058] The buggy address is located 0 bytes inside of [ 12.592058] 128-byte region [ffff888102f60c00, ffff888102f60c80) [ 12.592540] [ 12.592636] The buggy address belongs to the physical page: [ 12.592984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60 [ 12.593320] flags: 0x200000000000000(node=0|zone=2) [ 12.593528] page_type: f5(slab) [ 12.593792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.594322] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 12.594673] page dumped because: kasan: bad access detected [ 12.594978] [ 12.595048] Memory state around the buggy address: [ 12.595204] ffff888102f60b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.595541] ffff888102f60b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.596063] >ffff888102f60c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.596284] ^ [ 12.596442] ffff888102f60c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.597027] ffff888102f60d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.597415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.551230] ================================================================== [ 12.551696] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.552062] Read of size 1 at addr ffff888103a04000 by task kunit_try_catch/252 [ 12.552558] [ 12.552782] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.552837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.552992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.553019] Call Trace: [ 12.553031] <TASK> [ 12.553050] dump_stack_lvl+0x73/0xb0 [ 12.553082] print_report+0xd1/0x650 [ 12.553105] ? __virt_addr_valid+0x1db/0x2d0 [ 12.553127] ? mempool_uaf_helper+0x392/0x400 [ 12.553150] ? kasan_addr_to_slab+0x11/0xa0 [ 12.553170] ? mempool_uaf_helper+0x392/0x400 [ 12.553193] kasan_report+0x141/0x180 [ 12.553226] ? mempool_uaf_helper+0x392/0x400 [ 12.553253] __asan_report_load1_noabort+0x18/0x20 [ 12.553286] mempool_uaf_helper+0x392/0x400 [ 12.553308] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.553331] ? dequeue_entities+0x852/0x1740 [ 12.553356] ? finish_task_switch.isra.0+0x153/0x700 [ 12.553384] mempool_page_alloc_uaf+0xed/0x140 [ 12.553404] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.553423] ? dequeue_task_fair+0x166/0x4e0 [ 12.553445] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.553468] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.553499] ? __pfx_read_tsc+0x10/0x10 [ 12.553520] ? ktime_get_ts64+0x86/0x230 [ 12.553546] kunit_try_run_case+0x1a5/0x480 [ 12.553582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.553629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.553651] ? __kthread_parkme+0x82/0x180 [ 12.553674] ? preempt_count_sub+0x50/0x80 [ 12.553699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.553834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.553860] kthread+0x337/0x6f0 [ 12.553877] ? 
trace_preempt_on+0x20/0xc0 [ 12.553901] ? __pfx_kthread+0x10/0x10 [ 12.553929] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.553952] ? calculate_sigpending+0x7b/0xa0 [ 12.553974] ? __pfx_kthread+0x10/0x10 [ 12.553993] ret_from_fork+0x41/0x80 [ 12.554014] ? __pfx_kthread+0x10/0x10 [ 12.554032] ret_from_fork_asm+0x1a/0x30 [ 12.554063] </TASK> [ 12.554075] [ 12.563052] The buggy address belongs to the physical page: [ 12.563334] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04 [ 12.563995] flags: 0x200000000000000(node=0|zone=2) [ 12.564476] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.565060] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.565490] page dumped because: kasan: bad access detected [ 12.565778] [ 12.566021] Memory state around the buggy address: [ 12.566257] ffff888103a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.566591] ffff888103a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.566812] >ffff888103a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.567157] ^ [ 12.567323] ffff888103a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.567563] ffff888103a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.568010] ================================================================== [ 12.490876] ================================================================== [ 12.491549] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.491894] Read of size 1 at addr ffff888102f7c000 by task kunit_try_catch/248 [ 12.492236] [ 12.492362] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.492414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.492426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.492449] Call Trace: [ 12.492462] <TASK> [ 12.492537] dump_stack_lvl+0x73/0xb0 [ 12.492624] print_report+0xd1/0x650 [ 12.492649] ? 
__virt_addr_valid+0x1db/0x2d0 [ 12.492673] ? mempool_uaf_helper+0x392/0x400 [ 12.492696] ? kasan_addr_to_slab+0x11/0xa0 [ 12.492877] ? mempool_uaf_helper+0x392/0x400 [ 12.492909] kasan_report+0x141/0x180 [ 12.493235] ? mempool_uaf_helper+0x392/0x400 [ 12.493267] __asan_report_load1_noabort+0x18/0x20 [ 12.493288] mempool_uaf_helper+0x392/0x400 [ 12.493311] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.493333] ? dequeue_entities+0x852/0x1740 [ 12.493359] ? finish_task_switch.isra.0+0x153/0x700 [ 12.493387] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.493411] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.493434] ? dequeue_task_fair+0x166/0x4e0 [ 12.493456] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.493478] ? __pfx_mempool_kfree+0x10/0x10 [ 12.493499] ? __pfx_read_tsc+0x10/0x10 [ 12.493520] ? ktime_get_ts64+0x86/0x230 [ 12.493546] kunit_try_run_case+0x1a5/0x480 [ 12.493612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.493635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.493674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.493698] ? __kthread_parkme+0x82/0x180 [ 12.493795] ? preempt_count_sub+0x50/0x80 [ 12.493826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.493851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.493876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.493899] kthread+0x337/0x6f0 [ 12.493928] ? trace_preempt_on+0x20/0xc0 [ 12.493953] ? __pfx_kthread+0x10/0x10 [ 12.493971] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.493992] ? calculate_sigpending+0x7b/0xa0 [ 12.494014] ? __pfx_kthread+0x10/0x10 [ 12.494032] ret_from_fork+0x41/0x80 [ 12.494054] ? 
__pfx_kthread+0x10/0x10 [ 12.494071] ret_from_fork_asm+0x1a/0x30 [ 12.494103] </TASK> [ 12.494115] [ 12.503778] The buggy address belongs to the physical page: [ 12.504208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f7c [ 12.504699] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.504989] flags: 0x200000000000040(head|node=0|zone=2) [ 12.505174] page_type: f8(unknown) [ 12.505611] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.506004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.506655] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.507054] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.507352] head: 0200000000000002 ffffea00040bdf01 00000000ffffffff 00000000ffffffff [ 12.507808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.508238] page dumped because: kasan: bad access detected [ 12.508500] [ 12.508630] Memory state around the buggy address: [ 12.509068] ffff888102f7bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.509402] ffff888102f7bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.509798] >ffff888102f7c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.510072] ^ [ 12.510311] ffff888102f7c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.510613] ffff888102f7c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.511081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.516531] ================================================================== [ 12.517298] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.517609] Read of size 1 at addr ffff888102f7b240 by task kunit_try_catch/250 [ 12.518104] [ 12.518245] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.518319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.518331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.518355] Call Trace: [ 12.518369] <TASK> [ 12.518400] dump_stack_lvl+0x73/0xb0 [ 12.518430] print_report+0xd1/0x650 [ 12.518454] ? __virt_addr_valid+0x1db/0x2d0 [ 12.518478] ? mempool_uaf_helper+0x392/0x400 [ 12.518501] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.518523] ? mempool_uaf_helper+0x392/0x400 [ 12.518555] kasan_report+0x141/0x180 [ 12.518577] ? mempool_uaf_helper+0x392/0x400 [ 12.518603] __asan_report_load1_noabort+0x18/0x20 [ 12.518635] mempool_uaf_helper+0x392/0x400 [ 12.518658] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.518685] ? finish_task_switch.isra.0+0x153/0x700 [ 12.518714] mempool_slab_uaf+0xea/0x140 [ 12.518734] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.518753] ? dequeue_task_fair+0x166/0x4e0 [ 12.518776] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.518799] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.518821] ? __pfx_read_tsc+0x10/0x10 [ 12.518892] ? ktime_get_ts64+0x86/0x230 [ 12.518941] kunit_try_run_case+0x1a5/0x480 [ 12.518969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.518991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.519017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.519049] ? __kthread_parkme+0x82/0x180 [ 12.519072] ? preempt_count_sub+0x50/0x80 [ 12.519097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.519132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.519155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.519177] kthread+0x337/0x6f0 [ 12.519194] ? trace_preempt_on+0x20/0xc0 [ 12.519219] ? 
__pfx_kthread+0x10/0x10 [ 12.519236] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.519257] ? calculate_sigpending+0x7b/0xa0 [ 12.519280] ? __pfx_kthread+0x10/0x10 [ 12.519297] ret_from_fork+0x41/0x80 [ 12.519318] ? __pfx_kthread+0x10/0x10 [ 12.519336] ret_from_fork_asm+0x1a/0x30 [ 12.519368] </TASK> [ 12.519380] [ 12.527809] Allocated by task 250: [ 12.528004] kasan_save_stack+0x45/0x70 [ 12.528157] kasan_save_track+0x18/0x40 [ 12.528298] kasan_save_alloc_info+0x3b/0x50 [ 12.528731] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.529058] remove_element+0x11e/0x190 [ 12.529254] mempool_alloc_preallocated+0x4d/0x90 [ 12.529469] mempool_uaf_helper+0x96/0x400 [ 12.529688] mempool_slab_uaf+0xea/0x140 [ 12.530008] kunit_try_run_case+0x1a5/0x480 [ 12.530196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.530416] kthread+0x337/0x6f0 [ 12.530588] ret_from_fork+0x41/0x80 [ 12.530751] ret_from_fork_asm+0x1a/0x30 [ 12.530951] [ 12.531021] Freed by task 250: [ 12.531132] kasan_save_stack+0x45/0x70 [ 12.531266] kasan_save_track+0x18/0x40 [ 12.531401] kasan_save_free_info+0x3f/0x60 [ 12.531685] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.531937] mempool_free+0x2ec/0x380 [ 12.532354] mempool_uaf_helper+0x11a/0x400 [ 12.532655] mempool_slab_uaf+0xea/0x140 [ 12.533037] kunit_try_run_case+0x1a5/0x480 [ 12.533261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.533626] kthread+0x337/0x6f0 [ 12.533772] ret_from_fork+0x41/0x80 [ 12.533939] ret_from_fork_asm+0x1a/0x30 [ 12.534078] [ 12.534174] The buggy address belongs to the object at ffff888102f7b240 [ 12.534174] which belongs to the cache test_cache of size 123 [ 12.535824] The buggy address is located 0 bytes inside of [ 12.535824] freed 123-byte region [ffff888102f7b240, ffff888102f7b2bb) [ 12.536804] [ 12.536935] The buggy address belongs to the physical page: [ 12.537376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f7b [ 12.537871] flags: 0x200000000000000(node=0|zone=2) [ 12.538319] page_type: 
f5(slab) [ 12.538488] raw: 0200000000000000 ffff88810128f780 dead000000000122 0000000000000000 [ 12.539106] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.539440] page dumped because: kasan: bad access detected [ 12.539843] [ 12.539957] Memory state around the buggy address: [ 12.540477] ffff888102f7b100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.541021] ffff888102f7b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.541515] >ffff888102f7b200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.542116] ^ [ 12.542370] ffff888102f7b280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.542642] ffff888102f7b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.543218] ================================================================== [ 12.461496] ================================================================== [ 12.462070] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.462459] Read of size 1 at addr ffff8881029f9900 by task kunit_try_catch/246 [ 12.462803] [ 12.462910] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.462985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.462998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.463021] Call Trace: [ 12.463035] <TASK> [ 12.463092] dump_stack_lvl+0x73/0xb0 [ 12.463127] print_report+0xd1/0x650 [ 12.463164] ? __virt_addr_valid+0x1db/0x2d0 [ 12.463188] ? mempool_uaf_helper+0x392/0x400 [ 12.463211] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.463235] ? mempool_uaf_helper+0x392/0x400 [ 12.463286] kasan_report+0x141/0x180 [ 12.463309] ? mempool_uaf_helper+0x392/0x400 [ 12.463337] __asan_report_load1_noabort+0x18/0x20 [ 12.463369] mempool_uaf_helper+0x392/0x400 [ 12.463393] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.463415] ? dequeue_entities+0x852/0x1740 [ 12.463442] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.463471] mempool_kmalloc_uaf+0xef/0x140 [ 12.463496] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.463518] ? dequeue_task_fair+0x166/0x4e0 [ 12.463540] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.463562] ? __pfx_mempool_kfree+0x10/0x10 [ 12.463615] ? __pfx_read_tsc+0x10/0x10 [ 12.463636] ? ktime_get_ts64+0x86/0x230 [ 12.463674] kunit_try_run_case+0x1a5/0x480 [ 12.463701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.463723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.463748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.463771] ? __kthread_parkme+0x82/0x180 [ 12.463890] ? preempt_count_sub+0x50/0x80 [ 12.463939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.463965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.463990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.464012] kthread+0x337/0x6f0 [ 12.464030] ? trace_preempt_on+0x20/0xc0 [ 12.464055] ? __pfx_kthread+0x10/0x10 [ 12.464073] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.464095] ? calculate_sigpending+0x7b/0xa0 [ 12.464117] ? __pfx_kthread+0x10/0x10 [ 12.464135] ret_from_fork+0x41/0x80 [ 12.464156] ? 
__pfx_kthread+0x10/0x10 [ 12.464174] ret_from_fork_asm+0x1a/0x30 [ 12.464206] </TASK> [ 12.464217] [ 12.473405] Allocated by task 246: [ 12.473659] kasan_save_stack+0x45/0x70 [ 12.473876] kasan_save_track+0x18/0x40 [ 12.474125] kasan_save_alloc_info+0x3b/0x50 [ 12.474410] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.474812] remove_element+0x11e/0x190 [ 12.474984] mempool_alloc_preallocated+0x4d/0x90 [ 12.475143] mempool_uaf_helper+0x96/0x400 [ 12.475316] mempool_kmalloc_uaf+0xef/0x140 [ 12.475498] kunit_try_run_case+0x1a5/0x480 [ 12.475827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.476073] kthread+0x337/0x6f0 [ 12.476194] ret_from_fork+0x41/0x80 [ 12.476431] ret_from_fork_asm+0x1a/0x30 [ 12.476905] [ 12.477021] Freed by task 246: [ 12.477234] kasan_save_stack+0x45/0x70 [ 12.477419] kasan_save_track+0x18/0x40 [ 12.477556] kasan_save_free_info+0x3f/0x60 [ 12.477700] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.477904] mempool_free+0x2ec/0x380 [ 12.478136] mempool_uaf_helper+0x11a/0x400 [ 12.478362] mempool_kmalloc_uaf+0xef/0x140 [ 12.478588] kunit_try_run_case+0x1a5/0x480 [ 12.478754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.479111] kthread+0x337/0x6f0 [ 12.479285] ret_from_fork+0x41/0x80 [ 12.479485] ret_from_fork_asm+0x1a/0x30 [ 12.479758] [ 12.479859] The buggy address belongs to the object at ffff8881029f9900 [ 12.479859] which belongs to the cache kmalloc-128 of size 128 [ 12.480396] The buggy address is located 0 bytes inside of [ 12.480396] freed 128-byte region [ffff8881029f9900, ffff8881029f9980) [ 12.480847] [ 12.480984] The buggy address belongs to the physical page: [ 12.481421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 12.481796] flags: 0x200000000000000(node=0|zone=2) [ 12.482044] page_type: f5(slab) [ 12.482340] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.482722] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.482987] page dumped 
because: kasan: bad access detected [ 12.483251] [ 12.483344] Memory state around the buggy address: [ 12.483554] ffff8881029f9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.483844] ffff8881029f9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.484149] >ffff8881029f9900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.484451] ^ [ 12.484857] ffff8881029f9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.485144] ffff8881029f9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.485359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.373991] ================================================================== [ 12.374454] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.375120] Read of size 1 at addr ffff8881029f9573 by task kunit_try_catch/240 [ 12.375350] [ 12.375444] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.375495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.375508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.375531] Call Trace: [ 12.375544] <TASK> [ 12.375565] dump_stack_lvl+0x73/0xb0 [ 12.375595] print_report+0xd1/0x650 [ 12.375619] ? __virt_addr_valid+0x1db/0x2d0 [ 12.375641] ? mempool_oob_right_helper+0x318/0x380 [ 12.375664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.375687] ? mempool_oob_right_helper+0x318/0x380 [ 12.375711] kasan_report+0x141/0x180 [ 12.375733] ? mempool_oob_right_helper+0x318/0x380 [ 12.375761] __asan_report_load1_noabort+0x18/0x20 [ 12.375782] mempool_oob_right_helper+0x318/0x380 [ 12.375806] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.375831] ? dequeue_entities+0x852/0x1740 [ 12.375857] ? finish_task_switch.isra.0+0x153/0x700 [ 12.375884] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.375908] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.375941] ? dequeue_task_fair+0x166/0x4e0 [ 12.375963] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.375985] ? __pfx_mempool_kfree+0x10/0x10 [ 12.376008] ? __pfx_read_tsc+0x10/0x10 [ 12.376029] ? ktime_get_ts64+0x86/0x230 [ 12.376056] kunit_try_run_case+0x1a5/0x480 [ 12.376083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.376105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.376130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.376154] ? __kthread_parkme+0x82/0x180 [ 12.376177] ? preempt_count_sub+0x50/0x80 [ 12.376202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.376226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.376255] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.376278] kthread+0x337/0x6f0 [ 12.376295] ? trace_preempt_on+0x20/0xc0 [ 12.376318] ? __pfx_kthread+0x10/0x10 [ 12.376336] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.376358] ? calculate_sigpending+0x7b/0xa0 [ 12.376379] ? __pfx_kthread+0x10/0x10 [ 12.376398] ret_from_fork+0x41/0x80 [ 12.376418] ? __pfx_kthread+0x10/0x10 [ 12.376436] ret_from_fork_asm+0x1a/0x30 [ 12.376467] </TASK> [ 12.376479] [ 12.387392] Allocated by task 240: [ 12.387603] kasan_save_stack+0x45/0x70 [ 12.388271] kasan_save_track+0x18/0x40 [ 12.388440] kasan_save_alloc_info+0x3b/0x50 [ 12.388678] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.389154] remove_element+0x11e/0x190 [ 12.389356] mempool_alloc_preallocated+0x4d/0x90 [ 12.389585] mempool_oob_right_helper+0x8a/0x380 [ 12.389935] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.390098] kunit_try_run_case+0x1a5/0x480 [ 12.390382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.390872] kthread+0x337/0x6f0 [ 12.391157] ret_from_fork+0x41/0x80 [ 12.391485] ret_from_fork_asm+0x1a/0x30 [ 12.391780] [ 12.392045] The buggy address belongs to the object at ffff8881029f9500 [ 12.392045] which belongs to the cache kmalloc-128 of size 128 [ 12.392548] The buggy address is located 0 bytes to the right of [ 12.392548] allocated 115-byte region [ffff8881029f9500, ffff8881029f9573) [ 12.393441] [ 12.393662] The buggy address belongs to the physical page: [ 12.394101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 12.394514] flags: 0x200000000000000(node=0|zone=2) [ 12.395232] page_type: f5(slab) [ 12.395474] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.396011] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.396515] page dumped because: kasan: bad access detected [ 12.396949] [ 12.397026] Memory state around the buggy address: [ 12.397325] ffff8881029f9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.397632] 
ffff8881029f9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.398267] >ffff8881029f9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.398740] ^ [ 12.399234] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.399792] ffff8881029f9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.400196] ================================================================== [ 12.404078] ================================================================== [ 12.404542] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.404955] Read of size 1 at addr ffff888102f7e001 by task kunit_try_catch/242 [ 12.405273] [ 12.405732] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.405820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.405833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.405896] Call Trace: [ 12.405910] <TASK> [ 12.405948] dump_stack_lvl+0x73/0xb0 [ 12.405980] print_report+0xd1/0x650 [ 12.406004] ? __virt_addr_valid+0x1db/0x2d0 [ 12.406029] ? mempool_oob_right_helper+0x318/0x380 [ 12.406052] ? kasan_addr_to_slab+0x11/0xa0 [ 12.406074] ? mempool_oob_right_helper+0x318/0x380 [ 12.406098] kasan_report+0x141/0x180 [ 12.406121] ? mempool_oob_right_helper+0x318/0x380 [ 12.406150] __asan_report_load1_noabort+0x18/0x20 [ 12.406171] mempool_oob_right_helper+0x318/0x380 [ 12.406196] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.406219] ? dequeue_entities+0x852/0x1740 [ 12.406246] ? irqentry_exit+0x2a/0x60 [ 12.406265] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.406292] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.406342] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.406371] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.406393] ? __pfx_mempool_kfree+0x10/0x10 [ 12.406426] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.406452] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.406479] kunit_try_run_case+0x1a5/0x480 [ 12.406506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.406528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.406552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.406575] ? __kthread_parkme+0x82/0x180 [ 12.406598] ? preempt_count_sub+0x50/0x80 [ 12.406624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.406649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.406672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.406695] kthread+0x337/0x6f0 [ 12.406712] ? trace_preempt_on+0x20/0xc0 [ 12.406736] ? __pfx_kthread+0x10/0x10 [ 12.406753] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.406775] ? calculate_sigpending+0x7b/0xa0 [ 12.406797] ? __pfx_kthread+0x10/0x10 [ 12.406815] ret_from_fork+0x41/0x80 [ 12.406837] ? __pfx_kthread+0x10/0x10 [ 12.406854] ret_from_fork_asm+0x1a/0x30 [ 12.406887] </TASK> [ 12.406898] [ 12.416521] The buggy address belongs to the physical page: [ 12.416900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f7c [ 12.417313] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.417706] flags: 0x200000000000040(head|node=0|zone=2) [ 12.418011] page_type: f8(unknown) [ 12.418197] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.418431] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.419077] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.419449] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.420022] head: 0200000000000002 ffffea00040bdf01 00000000ffffffff 00000000ffffffff [ 12.420337] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.420782] page dumped because: kasan: bad access detected [ 12.421214] [ 12.421325] Memory state around the buggy address: [ 12.421505] ffff888102f7df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.421962] ffff888102f7df80: 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 [ 12.422341] >ffff888102f7e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.422707] ^ [ 12.422904] ffff888102f7e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.423272] ffff888102f7e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.423564] ================================================================== [ 12.428041] ================================================================== [ 12.428538] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.428964] Read of size 1 at addr ffff888102a0b2bb by task kunit_try_catch/244 [ 12.429527] [ 12.429746] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 12.429818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.429832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.429857] Call Trace: [ 12.429870] <TASK> [ 12.429891] dump_stack_lvl+0x73/0xb0 [ 12.429963] print_report+0xd1/0x650 [ 12.429989] ? __virt_addr_valid+0x1db/0x2d0 [ 12.430039] ? mempool_oob_right_helper+0x318/0x380 [ 12.430064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.430098] ? mempool_oob_right_helper+0x318/0x380 [ 12.430122] kasan_report+0x141/0x180 [ 12.430145] ? mempool_oob_right_helper+0x318/0x380 [ 12.430173] __asan_report_load1_noabort+0x18/0x20 [ 12.430194] mempool_oob_right_helper+0x318/0x380 [ 12.430216] ? call_rcu+0x12/0x20 [ 12.430240] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.430265] ? __pfx_task_dead_fair+0x10/0x10 [ 12.430293] mempool_slab_oob_right+0xed/0x140 [ 12.430317] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.430338] ? dequeue_task_fair+0x156/0x4e0 [ 12.430360] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.430383] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.430405] ? __pfx_read_tsc+0x10/0x10 [ 12.430427] ? ktime_get_ts64+0x86/0x230 [ 12.430453] kunit_try_run_case+0x1a5/0x480 [ 12.430479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.430502] ? 
_raw_spin_lock_irqsave+0xa1/0x100
[ 12.430527] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.430551] ? __kthread_parkme+0x82/0x180
[ 12.430572] ? preempt_count_sub+0x50/0x80
[ 12.430599] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.430624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.430648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.430671] kthread+0x337/0x6f0
[ 12.430688] ? trace_preempt_on+0x20/0xc0
[ 12.430711] ? __pfx_kthread+0x10/0x10
[ 12.430729] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.430750] ? calculate_sigpending+0x7b/0xa0
[ 12.430771] ? __pfx_kthread+0x10/0x10
[ 12.430790] ret_from_fork+0x41/0x80
[ 12.430810] ? __pfx_kthread+0x10/0x10
[ 12.430828] ret_from_fork_asm+0x1a/0x30
[ 12.430859] </TASK>
[ 12.430871]
[ 12.440674] Allocated by task 244:
[ 12.440995] kasan_save_stack+0x45/0x70
[ 12.441399] kasan_save_track+0x18/0x40
[ 12.441559] kasan_save_alloc_info+0x3b/0x50
[ 12.442039] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.442303] remove_element+0x11e/0x190
[ 12.442501] mempool_alloc_preallocated+0x4d/0x90
[ 12.442856] mempool_oob_right_helper+0x8a/0x380
[ 12.443104] mempool_slab_oob_right+0xed/0x140
[ 12.443263] kunit_try_run_case+0x1a5/0x480
[ 12.443522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.443756] kthread+0x337/0x6f0
[ 12.444047] ret_from_fork+0x41/0x80
[ 12.444269] ret_from_fork_asm+0x1a/0x30
[ 12.444411]
[ 12.444497] The buggy address belongs to the object at ffff888102a0b240
[ 12.444497] which belongs to the cache test_cache of size 123
[ 12.445128] The buggy address is located 0 bytes to the right of
[ 12.445128] allocated 123-byte region [ffff888102a0b240, ffff888102a0b2bb)
[ 12.445910]
[ 12.446000] The buggy address belongs to the physical page:
[ 12.446221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 12.446578] flags: 0x200000000000000(node=0|zone=2)
[ 12.447172] page_type: f5(slab)
[ 12.447388] raw: 0200000000000000 ffff888102109500 dead000000000122 0000000000000000
[ 12.447691] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.448176] page dumped because: kasan: bad access detected
[ 12.448359]
[ 12.448455] Memory state around the buggy address:
[ 12.448870] ffff888102a0b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.449202] ffff888102a0b200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 12.449476] >ffff888102a0b280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 12.449956] ^
[ 12.450125] ffff888102a0b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.450433] ffff888102a0b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.450800] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 11.797434] ==================================================================
[ 11.798252] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 11.798535] Read of size 1 at addr ffff8881021093c0 by task kunit_try_catch/234
[ 11.798843]
[ 11.798950] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.799002] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.799015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.799040] Call Trace:
[ 11.799054] <TASK>
[ 11.799075] dump_stack_lvl+0x73/0xb0
[ 11.799105] print_report+0xd1/0x650
[ 11.799129] ? __virt_addr_valid+0x1db/0x2d0
[ 11.799154] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.799174] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.799198] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.799219] kasan_report+0x141/0x180
[ 11.799241] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.799265] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.799288] __kasan_check_byte+0x3d/0x50
[ 11.799310] kmem_cache_destroy+0x25/0x1d0
[ 11.799334] kmem_cache_double_destroy+0x1bf/0x380
[ 11.799355] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 11.799376] ? finish_task_switch.isra.0+0x153/0x700
[ 11.799401] ? __switch_to+0x5d9/0xf60
[ 11.799423] ? dequeue_task_fair+0x166/0x4e0
[ 11.799450] ? __pfx_read_tsc+0x10/0x10
[ 11.799471] ? ktime_get_ts64+0x86/0x230
[ 11.799497] kunit_try_run_case+0x1a5/0x480
[ 11.799524] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.799546] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.799571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.799594] ? __kthread_parkme+0x82/0x180
[ 11.799618] ? preempt_count_sub+0x50/0x80
[ 11.799643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.799688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.799712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.799735] kthread+0x337/0x6f0
[ 11.799765] ? trace_preempt_on+0x20/0xc0
[ 11.799790] ? __pfx_kthread+0x10/0x10
[ 11.799809] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.799831] ? calculate_sigpending+0x7b/0xa0
[ 11.799854] ? __pfx_kthread+0x10/0x10
[ 11.799873] ret_from_fork+0x41/0x80
[ 11.799894] ? __pfx_kthread+0x10/0x10
[ 11.799912] ret_from_fork_asm+0x1a/0x30
[ 11.799991] </TASK>
[ 11.800003]
[ 11.814965] Allocated by task 234:
[ 11.815303] kasan_save_stack+0x45/0x70
[ 11.815470] kasan_save_track+0x18/0x40
[ 11.815687] kasan_save_alloc_info+0x3b/0x50
[ 11.816125] __kasan_slab_alloc+0x91/0xa0
[ 11.816762] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.817280] __kmem_cache_create_args+0x169/0x240
[ 11.817479] kmem_cache_double_destroy+0xd5/0x380
[ 11.817967] kunit_try_run_case+0x1a5/0x480
[ 11.818391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.818571] kthread+0x337/0x6f0
[ 11.818692] ret_from_fork+0x41/0x80
[ 11.819080] ret_from_fork_asm+0x1a/0x30
[ 11.819473]
[ 11.819641] Freed by task 234:
[ 11.819995] kasan_save_stack+0x45/0x70
[ 11.820577] kasan_save_track+0x18/0x40
[ 11.821020] kasan_save_free_info+0x3f/0x60
[ 11.821222] __kasan_slab_free+0x56/0x70
[ 11.821359] kmem_cache_free+0x249/0x420
[ 11.821496] slab_kmem_cache_release+0x2e/0x40
[ 11.821659] kmem_cache_release+0x16/0x20
[ 11.822024] kobject_put+0x181/0x450
[ 11.822440] sysfs_slab_release+0x16/0x20
[ 11.822903] kmem_cache_destroy+0xf0/0x1d0
[ 11.823287] kmem_cache_double_destroy+0x14e/0x380
[ 11.823934] kunit_try_run_case+0x1a5/0x480
[ 11.824325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.824613] kthread+0x337/0x6f0
[ 11.825033] ret_from_fork+0x41/0x80
[ 11.825263] ret_from_fork_asm+0x1a/0x30
[ 11.825402]
[ 11.825474] The buggy address belongs to the object at ffff8881021093c0
[ 11.825474] which belongs to the cache kmem_cache of size 208
[ 11.826471] The buggy address is located 0 bytes inside of
[ 11.826471] freed 208-byte region [ffff8881021093c0, ffff888102109490)
[ 11.827558]
[ 11.827745] The buggy address belongs to the physical page:
[ 11.828150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102109
[ 11.828409] flags: 0x200000000000000(node=0|zone=2)
[ 11.828589] page_type: f5(slab)
[ 11.828885] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 11.829696] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 11.830433] page dumped because: kasan: bad access detected
[ 11.831026]
[ 11.831183] Memory state around the buggy address:
[ 11.831613] ffff888102109280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.832223] ffff888102109300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 11.832453] >ffff888102109380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 11.832900] ^
[ 11.833443] ffff888102109400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.834110] ffff888102109480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.834712] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 11.729092] ==================================================================
[ 11.729612] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.730376] Read of size 1 at addr ffff888102f74000 by task kunit_try_catch/232
[ 11.731155]
[ 11.731436] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.731498] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.731512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.731536] Call Trace:
[ 11.731551] <TASK>
[ 11.731587] dump_stack_lvl+0x73/0xb0
[ 11.731621] print_report+0xd1/0x650
[ 11.731647] ? __virt_addr_valid+0x1db/0x2d0
[ 11.731671] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.731691] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.731904] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.731952] kasan_report+0x141/0x180
[ 11.731978] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.732003] __asan_report_load1_noabort+0x18/0x20
[ 11.732025] kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.732045] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 11.732064] ? finish_task_switch.isra.0+0x153/0x700
[ 11.732089] ? __switch_to+0x5d9/0xf60
[ 11.732110] ? dequeue_task_fair+0x166/0x4e0
[ 11.732137] ? __pfx_read_tsc+0x10/0x10
[ 11.732157] ? ktime_get_ts64+0x86/0x230
[ 11.732184] kunit_try_run_case+0x1a5/0x480
[ 11.732210] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.732232] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.732263] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.732286] ? __kthread_parkme+0x82/0x180
[ 11.732309] ? preempt_count_sub+0x50/0x80
[ 11.732333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.732356] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.732379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.732401] kthread+0x337/0x6f0
[ 11.732418] ? trace_preempt_on+0x20/0xc0
[ 11.732442] ? __pfx_kthread+0x10/0x10
[ 11.732460] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.732482] ? calculate_sigpending+0x7b/0xa0
[ 11.732503] ? __pfx_kthread+0x10/0x10
[ 11.732521] ret_from_fork+0x41/0x80
[ 11.732542] ? __pfx_kthread+0x10/0x10
[ 11.732569] ret_from_fork_asm+0x1a/0x30
[ 11.732602] </TASK>
[ 11.732613]
[ 11.743278] Allocated by task 232:
[ 11.743995] kasan_save_stack+0x45/0x70
[ 11.744206] kasan_save_track+0x18/0x40
[ 11.744521] kasan_save_alloc_info+0x3b/0x50
[ 11.744914] __kasan_slab_alloc+0x91/0xa0
[ 11.745218] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.745509] kmem_cache_rcu_uaf+0x155/0x510
[ 11.745688] kunit_try_run_case+0x1a5/0x480
[ 11.745964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.746208] kthread+0x337/0x6f0
[ 11.746364] ret_from_fork+0x41/0x80
[ 11.746522] ret_from_fork_asm+0x1a/0x30
[ 11.747119]
[ 11.747201] Freed by task 0:
[ 11.747498] kasan_save_stack+0x45/0x70
[ 11.748055] kasan_save_track+0x18/0x40
[ 11.748245] kasan_save_free_info+0x3f/0x60
[ 11.748544] __kasan_slab_free+0x56/0x70
[ 11.748722] slab_free_after_rcu_debug+0xe4/0x310
[ 11.749116] rcu_core+0x66c/0x1c30
[ 11.749302] rcu_core_si+0x12/0x20
[ 11.749426] handle_softirqs+0x209/0x730
[ 11.749959] __irq_exit_rcu+0xc9/0x110
[ 11.750150] irq_exit_rcu+0x12/0x20
[ 11.750282] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.750654] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.751092]
[ 11.751364] Last potentially related work creation:
[ 11.751585] kasan_save_stack+0x45/0x70
[ 11.752116] kasan_record_aux_stack+0xb2/0xc0
[ 11.752324] kmem_cache_free+0x131/0x420
[ 11.752511] kmem_cache_rcu_uaf+0x194/0x510
[ 11.752909] kunit_try_run_case+0x1a5/0x480
[ 11.753280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.753694] kthread+0x337/0x6f0
[ 11.754049] ret_from_fork+0x41/0x80
[ 11.754205] ret_from_fork_asm+0x1a/0x30
[ 11.754534]
[ 11.754661] The buggy address belongs to the object at ffff888102f74000
[ 11.754661] which belongs to the cache test_cache of size 200
[ 11.755359] The buggy address is located 0 bytes inside of
[ 11.755359] freed 200-byte region [ffff888102f74000, ffff888102f740c8)
[ 11.756413]
[ 11.756518] The buggy address belongs to the physical page:
[ 11.756700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f74
[ 11.757131] flags: 0x200000000000000(node=0|zone=2)
[ 11.757355] page_type: f5(slab)
[ 11.757527] raw: 0200000000000000 ffff88810128f3c0 dead000000000122 0000000000000000
[ 11.758319] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.758896] page dumped because: kasan: bad access detected
[ 11.759251]
[ 11.759359] Memory state around the buggy address:
[ 11.759830] ffff888102f73f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.760458] ffff888102f73f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.761029] >ffff888102f74000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.761353] ^
[ 11.761511] ffff888102f74080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 11.762099] ffff888102f74100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.762513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 11.665368] ==================================================================
[ 11.666360] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 11.666904] Free of addr ffff888102a05001 by task kunit_try_catch/230
[ 11.667844]
[ 11.668097] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.668149] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.668161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.668183] Call Trace:
[ 11.668198] <TASK>
[ 11.668369] dump_stack_lvl+0x73/0xb0
[ 11.668402] print_report+0xd1/0x650
[ 11.668426] ? __virt_addr_valid+0x1db/0x2d0
[ 11.668449] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.668471] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.668493] kasan_report_invalid_free+0x10a/0x130
[ 11.668517] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.668539] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.668570] check_slab_allocation+0x11f/0x130
[ 11.668592] __kasan_slab_pre_free+0x28/0x40
[ 11.668612] kmem_cache_free+0xed/0x420
[ 11.668633] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.668654] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.668677] kmem_cache_invalid_free+0x1d8/0x460
[ 11.668697] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 11.668717] ? finish_task_switch.isra.0+0x153/0x700
[ 11.668741] ? __switch_to+0x5d9/0xf60
[ 11.668833] ? dequeue_task_fair+0x166/0x4e0
[ 11.668866] ? __pfx_read_tsc+0x10/0x10
[ 11.668886] ? ktime_get_ts64+0x86/0x230
[ 11.668912] kunit_try_run_case+0x1a5/0x480
[ 11.668950] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.668972] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.668996] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.669020] ? __kthread_parkme+0x82/0x180
[ 11.669043] ? preempt_count_sub+0x50/0x80
[ 11.669067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.669090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.669113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.669135] kthread+0x337/0x6f0
[ 11.669151] ? trace_preempt_on+0x20/0xc0
[ 11.669174] ? __pfx_kthread+0x10/0x10
[ 11.669191] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.669213] ? calculate_sigpending+0x7b/0xa0
[ 11.669234] ? __pfx_kthread+0x10/0x10
[ 11.669252] ret_from_fork+0x41/0x80
[ 11.669273] ? __pfx_kthread+0x10/0x10
[ 11.669290] ret_from_fork_asm+0x1a/0x30
[ 11.669320] </TASK>
[ 11.669331]
[ 11.681101] Allocated by task 230:
[ 11.681308] kasan_save_stack+0x45/0x70
[ 11.681633] kasan_save_track+0x18/0x40
[ 11.681979] kasan_save_alloc_info+0x3b/0x50
[ 11.682353] __kasan_slab_alloc+0x91/0xa0
[ 11.682551] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.683092] kmem_cache_invalid_free+0x157/0x460
[ 11.683310] kunit_try_run_case+0x1a5/0x480
[ 11.683484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.683909] kthread+0x337/0x6f0
[ 11.684099] ret_from_fork+0x41/0x80
[ 11.684271] ret_from_fork_asm+0x1a/0x30
[ 11.684824]
[ 11.685130] The buggy address belongs to the object at ffff888102a05000
[ 11.685130] which belongs to the cache test_cache of size 200
[ 11.686202] The buggy address is located 1 bytes inside of
[ 11.686202] 200-byte region [ffff888102a05000, ffff888102a050c8)
[ 11.687454]
[ 11.687537] The buggy address belongs to the physical page:
[ 11.687745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a05
[ 11.688571] flags: 0x200000000000000(node=0|zone=2)
[ 11.689029] page_type: f5(slab)
[ 11.689632] raw: 0200000000000000 ffff888102109280 dead000000000122 0000000000000000
[ 11.689908] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.690150] page dumped because: kasan: bad access detected
[ 11.690323]
[ 11.690393] Memory state around the buggy address:
[ 11.690550] ffff888102a04f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.690768] ffff888102a04f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.691726] >ffff888102a05000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.692797] ^
[ 11.693321] ffff888102a05080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 11.694329] ffff888102a05100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.695270] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 11.625313] ==================================================================
[ 11.626445] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 11.627077] Free of addr ffff888102a01000 by task kunit_try_catch/228
[ 11.627789]
[ 11.628046] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.628099] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.628111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.628133] Call Trace:
[ 11.628147] <TASK>
[ 11.628168] dump_stack_lvl+0x73/0xb0
[ 11.628199] print_report+0xd1/0x650
[ 11.628223] ? __virt_addr_valid+0x1db/0x2d0
[ 11.628253] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.628275] ? kmem_cache_double_free+0x1e5/0x480
[ 11.628296] kasan_report_invalid_free+0x10a/0x130
[ 11.628320] ? kmem_cache_double_free+0x1e5/0x480
[ 11.628342] ? kmem_cache_double_free+0x1e5/0x480
[ 11.628362] check_slab_allocation+0x101/0x130
[ 11.628383] __kasan_slab_pre_free+0x28/0x40
[ 11.628404] kmem_cache_free+0xed/0x420
[ 11.628425] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.628446] ? kmem_cache_double_free+0x1e5/0x480
[ 11.628469] kmem_cache_double_free+0x1e5/0x480
[ 11.628489] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 11.628508] ? finish_task_switch.isra.0+0x153/0x700
[ 11.628533] ? __switch_to+0x5d9/0xf60
[ 11.628554] ? dequeue_task_fair+0x166/0x4e0
[ 11.628581] ? __pfx_read_tsc+0x10/0x10
[ 11.628601] ? ktime_get_ts64+0x86/0x230
[ 11.628641] kunit_try_run_case+0x1a5/0x480
[ 11.628668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.628689] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.628714] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.628756] ? __kthread_parkme+0x82/0x180
[ 11.628779] ? preempt_count_sub+0x50/0x80
[ 11.628804] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.628827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.628850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.628872] kthread+0x337/0x6f0
[ 11.628889] ? trace_preempt_on+0x20/0xc0
[ 11.628913] ? __pfx_kthread+0x10/0x10
[ 11.628942] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.628963] ? calculate_sigpending+0x7b/0xa0
[ 11.628985] ? __pfx_kthread+0x10/0x10
[ 11.629003] ret_from_fork+0x41/0x80
[ 11.629024] ? __pfx_kthread+0x10/0x10
[ 11.629041] ret_from_fork_asm+0x1a/0x30
[ 11.629073] </TASK>
[ 11.629085]
[ 11.643493] Allocated by task 228:
[ 11.643715] kasan_save_stack+0x45/0x70
[ 11.644082] kasan_save_track+0x18/0x40
[ 11.644442] kasan_save_alloc_info+0x3b/0x50
[ 11.644869] __kasan_slab_alloc+0x91/0xa0
[ 11.645206] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.645372] kmem_cache_double_free+0x14f/0x480
[ 11.645522] kunit_try_run_case+0x1a5/0x480
[ 11.645932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.646399] kthread+0x337/0x6f0
[ 11.646723] ret_from_fork+0x41/0x80
[ 11.647109] ret_from_fork_asm+0x1a/0x30
[ 11.647475]
[ 11.647651] Freed by task 228:
[ 11.647957] kasan_save_stack+0x45/0x70
[ 11.648100] kasan_save_track+0x18/0x40
[ 11.648233] kasan_save_free_info+0x3f/0x60
[ 11.648379] __kasan_slab_free+0x56/0x70
[ 11.648514] kmem_cache_free+0x249/0x420
[ 11.648666] kmem_cache_double_free+0x16a/0x480
[ 11.648828] kunit_try_run_case+0x1a5/0x480
[ 11.649249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.649792] kthread+0x337/0x6f0
[ 11.649955] ret_from_fork+0x41/0x80
[ 11.650085] ret_from_fork_asm+0x1a/0x30
[ 11.650221]
[ 11.650292] The buggy address belongs to the object at ffff888102a01000
[ 11.650292] which belongs to the cache test_cache of size 200
[ 11.650695] The buggy address is located 0 bytes inside of
[ 11.650695] 200-byte region [ffff888102a01000, ffff888102a010c8)
[ 11.651127]
[ 11.651238] The buggy address belongs to the physical page:
[ 11.651491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a01
[ 11.651962] flags: 0x200000000000000(node=0|zone=2)
[ 11.652163] page_type: f5(slab)
[ 11.652299] raw: 0200000000000000 ffff888102109140 dead000000000122 0000000000000000
[ 11.652685] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.653070] page dumped because: kasan: bad access detected
[ 11.653286]
[ 11.653378] Memory state around the buggy address:
[ 11.653599] ffff888102a00f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.653927] ffff888102a00f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.654224] >ffff888102a01000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.654500] ^
[ 11.654689] ffff888102a01080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 11.655037] ffff888102a01100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.655301] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 11.576538] ==================================================================
[ 11.577799] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 11.578443] Read of size 1 at addr ffff888102f730c8 by task kunit_try_catch/226
[ 11.579258]
[ 11.579555] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.579697] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.579727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.579750] Call Trace:
[ 11.579765] <TASK>
[ 11.579786] dump_stack_lvl+0x73/0xb0
[ 11.579817] print_report+0xd1/0x650
[ 11.579841] ? __virt_addr_valid+0x1db/0x2d0
[ 11.579864] ? kmem_cache_oob+0x402/0x530
[ 11.579883] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.579905] ? kmem_cache_oob+0x402/0x530
[ 11.579937] kasan_report+0x141/0x180
[ 11.579959] ? kmem_cache_oob+0x402/0x530
[ 11.579983] __asan_report_load1_noabort+0x18/0x20
[ 11.580003] kmem_cache_oob+0x402/0x530
[ 11.580021] ? trace_hardirqs_on+0x37/0xe0
[ 11.580045] ? __pfx_kmem_cache_oob+0x10/0x10
[ 11.580063] ? finish_task_switch.isra.0+0x153/0x700
[ 11.580087] ? __switch_to+0x5d9/0xf60
[ 11.580111] ? dequeue_task_fair+0x166/0x4e0
[ 11.580138] ? __pfx_read_tsc+0x10/0x10
[ 11.580158] ? ktime_get_ts64+0x86/0x230
[ 11.580183] kunit_try_run_case+0x1a5/0x480
[ 11.580209] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.580230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.580262] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.580284] ? __kthread_parkme+0x82/0x180
[ 11.580306] ? preempt_count_sub+0x50/0x80
[ 11.580330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.580353] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.580376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.580398] kthread+0x337/0x6f0
[ 11.580414] ? trace_preempt_on+0x20/0xc0
[ 11.580435] ? __pfx_kthread+0x10/0x10
[ 11.580452] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.580473] ? calculate_sigpending+0x7b/0xa0
[ 11.580495] ? __pfx_kthread+0x10/0x10
[ 11.580515] ret_from_fork+0x41/0x80
[ 11.580536] ? __pfx_kthread+0x10/0x10
[ 11.580553] ret_from_fork_asm+0x1a/0x30
[ 11.580595] </TASK>
[ 11.580606]
[ 11.596689] Allocated by task 226:
[ 11.597077] kasan_save_stack+0x45/0x70
[ 11.597477] kasan_save_track+0x18/0x40
[ 11.597851] kasan_save_alloc_info+0x3b/0x50
[ 11.598349] __kasan_slab_alloc+0x91/0xa0
[ 11.598537] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.599162] kmem_cache_oob+0x157/0x530
[ 11.599549] kunit_try_run_case+0x1a5/0x480
[ 11.600031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.600449] kthread+0x337/0x6f0
[ 11.600585] ret_from_fork+0x41/0x80
[ 11.601104] ret_from_fork_asm+0x1a/0x30
[ 11.601616]
[ 11.601893] The buggy address belongs to the object at ffff888102f73000
[ 11.601893] which belongs to the cache test_cache of size 200
[ 11.602275] The buggy address is located 0 bytes to the right of
[ 11.602275] allocated 200-byte region [ffff888102f73000, ffff888102f730c8)
[ 11.602663]
[ 11.602737] The buggy address belongs to the physical page:
[ 11.603450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f73
[ 11.604113] flags: 0x200000000000000(node=0|zone=2)
[ 11.604425] page_type: f5(slab)
[ 11.604557] raw: 0200000000000000 ffff88810128f280 dead000000000122 0000000000000000
[ 11.605117] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.605496] page dumped because: kasan: bad access detected
[ 11.605927]
[ 11.606120] Memory state around the buggy address:
[ 11.606336] ffff888102f72f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.606811] ffff888102f73000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.607192] >ffff888102f73080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 11.607454] ^
[ 11.607847] ffff888102f73100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.608126] ffff888102f73180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.608550] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.530006] ==================================================================
[ 11.530439] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 11.530692] Read of size 8 at addr ffff888102f6b940 by task kunit_try_catch/219
[ 11.531081]
[ 11.531179] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.531228] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.531240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.531261] Call Trace:
[ 11.531275] <TASK>
[ 11.531294] dump_stack_lvl+0x73/0xb0
[ 11.531322] print_report+0xd1/0x650
[ 11.531345] ? __virt_addr_valid+0x1db/0x2d0
[ 11.531367] ? workqueue_uaf+0x4d6/0x560
[ 11.531388] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.531411] ? workqueue_uaf+0x4d6/0x560
[ 11.531432] kasan_report+0x141/0x180
[ 11.531454] ? workqueue_uaf+0x4d6/0x560
[ 11.531480] __asan_report_load8_noabort+0x18/0x20
[ 11.531500] workqueue_uaf+0x4d6/0x560
[ 11.531522] ? __pfx_workqueue_uaf+0x10/0x10
[ 11.531544] ? __schedule+0x10cc/0x2b60
[ 11.531581] ? __pfx_read_tsc+0x10/0x10
[ 11.531601] ? ktime_get_ts64+0x86/0x230
[ 11.531627] kunit_try_run_case+0x1a5/0x480
[ 11.531652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.531674] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.531697] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.531720] ? __kthread_parkme+0x82/0x180
[ 11.531742] ? preempt_count_sub+0x50/0x80
[ 11.531768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.531792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.531814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.531837] kthread+0x337/0x6f0
[ 11.531853] ? trace_preempt_on+0x20/0xc0
[ 11.531876] ? __pfx_kthread+0x10/0x10
[ 11.531894] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.531914] ? calculate_sigpending+0x7b/0xa0
[ 11.532002] ? __pfx_kthread+0x10/0x10
[ 11.532024] ret_from_fork+0x41/0x80
[ 11.532045] ? __pfx_kthread+0x10/0x10
[ 11.532063] ret_from_fork_asm+0x1a/0x30
[ 11.532094] </TASK>
[ 11.532106]
[ 11.544349] Allocated by task 219:
[ 11.544535] kasan_save_stack+0x45/0x70
[ 11.544997] kasan_save_track+0x18/0x40
[ 11.545368] kasan_save_alloc_info+0x3b/0x50
[ 11.545837] __kasan_kmalloc+0xb7/0xc0
[ 11.546082] __kmalloc_cache_noprof+0x189/0x420
[ 11.546240] workqueue_uaf+0x152/0x560
[ 11.546373] kunit_try_run_case+0x1a5/0x480
[ 11.546522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.546725] kthread+0x337/0x6f0
[ 11.546980] ret_from_fork+0x41/0x80
[ 11.547329] ret_from_fork_asm+0x1a/0x30
[ 11.547725]
[ 11.547935] Freed by task 48:
[ 11.548400] kasan_save_stack+0x45/0x70
[ 11.548771] kasan_save_track+0x18/0x40
[ 11.548908] kasan_save_free_info+0x3f/0x60
[ 11.549063] __kasan_slab_free+0x56/0x70
[ 11.549198] kfree+0x222/0x3f0
[ 11.549311] workqueue_uaf_work+0x12/0x20
[ 11.549449] process_one_work+0x5ee/0xf60
[ 11.549587] worker_thread+0x758/0x1220
[ 11.549717] kthread+0x337/0x6f0
[ 11.549832] ret_from_fork+0x41/0x80
[ 11.550049] ret_from_fork_asm+0x1a/0x30
[ 11.550526]
[ 11.550792] Last potentially related work creation:
[ 11.551232] kasan_save_stack+0x45/0x70
[ 11.551656] kasan_record_aux_stack+0xb2/0xc0
[ 11.552137] __queue_work+0x626/0xeb0
[ 11.552591] queue_work_on+0xb6/0xc0
[ 11.552999] workqueue_uaf+0x26d/0x560
[ 11.553359] kunit_try_run_case+0x1a5/0x480
[ 11.553982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.554514] kthread+0x337/0x6f0
[ 11.554914] ret_from_fork+0x41/0x80
[ 11.555288] ret_from_fork_asm+0x1a/0x30
[ 11.555667]
[ 11.555905] The buggy address belongs to the object at ffff888102f6b940
[ 11.555905] which belongs to the cache kmalloc-32 of size 32
[ 11.557081] The buggy address is located 0 bytes inside of
[ 11.557081] freed 32-byte region [ffff888102f6b940, ffff888102f6b960)
[ 11.557826]
[ 11.558036] The buggy address belongs to the physical page:
[ 11.558280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f6b
[ 11.558518] flags: 0x200000000000000(node=0|zone=2)
[ 11.559215] page_type: f5(slab)
[ 11.559559] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 11.560412] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 11.561255] page dumped because: kasan: bad access detected
[ 11.561546]
[ 11.561731] Memory state around the buggy address:
[ 11.562222] ffff888102f6b800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.562677] ffff888102f6b880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 11.563201] >ffff888102f6b900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.563409] ^
[ 11.563574] ffff888102f6b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.564003] ffff888102f6ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.564632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.481885] ==================================================================
[ 11.482386] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 11.482664] Read of size 4 at addr ffff8881029fc640 by task swapper/0/0
[ 11.482978]
[ 11.483101] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 11.483149] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.483161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.483185] Call Trace:
[ 11.483212] <IRQ>
[ 11.483263] dump_stack_lvl+0x73/0xb0
[ 11.483306] print_report+0xd1/0x650
[ 11.483331] ? __virt_addr_valid+0x1db/0x2d0
[ 11.483355] ? rcu_uaf_reclaim+0x50/0x60
[ 11.483375] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.483397] ? rcu_uaf_reclaim+0x50/0x60
[ 11.483418] kasan_report+0x141/0x180
[ 11.483440] ? rcu_uaf_reclaim+0x50/0x60
[ 11.483466] __asan_report_load4_noabort+0x18/0x20
[ 11.483488] rcu_uaf_reclaim+0x50/0x60
[ 11.483509] rcu_core+0x66c/0x1c30
[ 11.483534] ? enqueue_hrtimer+0xfe/0x210
[ 11.483575] ? __pfx_rcu_core+0x10/0x10
[ 11.483607] ? ktime_get+0x6b/0x150
[ 11.483630] ? handle_softirqs+0x18e/0x730
[ 11.483657] rcu_core_si+0x12/0x20
[ 11.483684] handle_softirqs+0x209/0x730
[ 11.483733] ? hrtimer_interrupt+0x2fe/0x780
[ 11.483757] ? __pfx_handle_softirqs+0x10/0x10
[ 11.483783] __irq_exit_rcu+0xc9/0x110
[ 11.483804] irq_exit_rcu+0x12/0x20
[ 11.483822] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.483847] </IRQ>
[ 11.483873] <TASK>
[ 11.483883] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.484001] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 11.484232] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 cd 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 11.484318] RSP: 0000:ffffffff89207dd8 EFLAGS: 00010202
[ 11.484411] RAX: ffff8881d0a93000 RBX: ffffffff8921ca80 RCX: ffffffff8800d015
[ 11.484455] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 00000000000066d4
[ 11.484496] RBP: ffffffff89207de0 R08: 0000000000000001 R09: ffffed102b606102
[ 11.484538] R10: ffff88815b030813 R11: 000000000000c400 R12: 0000000000000000
[ 11.484614] R13: fffffbfff1243950 R14: ffffffff89d9c210 R15: 0000000000000000
[ 11.484672] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 11.484742] ? default_idle+0xd/0x20
[ 11.484764] arch_cpu_idle+0xd/0x20
[ 11.484782] default_idle_call+0x48/0x80
[ 11.484801] do_idle+0x379/0x4f0
[ 11.484825] ? __pfx_do_idle+0x10/0x10
[ 11.484845] ? trace_preempt_on+0x20/0xc0
[ 11.484868] ? schedule+0x86/0x2e0
[ 11.484889] ? preempt_count_sub+0x50/0x80
[ 11.484914] cpu_startup_entry+0x5c/0x70
[ 11.484944] rest_init+0x11a/0x140
[ 11.484962] ? acpi_subsystem_init+0x5d/0x150
[ 11.484988] start_kernel+0x32b/0x410
[ 11.485010] x86_64_start_reservations+0x1c/0x30
[ 11.485032] x86_64_start_kernel+0xcf/0xe0
[ 11.485053] common_startup_64+0x13e/0x148
[ 11.485085] </TASK>
[ 11.485097]
[ 11.502497] Allocated by task 217:
[ 11.502799] kasan_save_stack+0x45/0x70
[ 11.503185] kasan_save_track+0x18/0x40
[ 11.503547] kasan_save_alloc_info+0x3b/0x50
[ 11.504040] __kasan_kmalloc+0xb7/0xc0
[ 11.504407] __kmalloc_cache_noprof+0x189/0x420
[ 11.504930] rcu_uaf+0xb0/0x330
[ 11.505186] kunit_try_run_case+0x1a5/0x480
[ 11.505524] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.506027] kthread+0x337/0x6f0
[ 11.506294] ret_from_fork+0x41/0x80
[ 11.506535] ret_from_fork_asm+0x1a/0x30
[ 11.507045]
[ 11.507223] Freed by task 0:
[ 11.507473] kasan_save_stack+0x45/0x70
[ 11.507869] kasan_save_track+0x18/0x40
[ 11.508154] kasan_save_free_info+0x3f/0x60
[ 11.508303] __kasan_slab_free+0x56/0x70
[ 11.508440] kfree+0x222/0x3f0
[ 11.508553] rcu_uaf_reclaim+0x1f/0x60
[ 11.508972] rcu_core+0x66c/0x1c30
[ 11.509292] rcu_core_si+0x12/0x20
[ 11.509650] handle_softirqs+0x209/0x730
[ 11.510089] __irq_exit_rcu+0xc9/0x110
[ 11.510455] irq_exit_rcu+0x12/0x20
[ 11.510862] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.511306] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.511605]
[ 11.511927] Last potentially related work creation:
[ 11.512311] kasan_save_stack+0x45/0x70
[ 11.512456] kasan_record_aux_stack+0xb2/0xc0
[ 11.512605] __call_rcu_common.constprop.0+0x72/0x9c0
[ 11.513160] call_rcu+0x12/0x20
[ 11.513472] rcu_uaf+0x168/0x330
[ 11.513817] kunit_try_run_case+0x1a5/0x480
[ 11.514214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.514471] kthread+0x337/0x6f0
[ 11.514807] ret_from_fork+0x41/0x80
[ 11.515124] ret_from_fork_asm+0x1a/0x30
[ 11.515283]
[ 11.515365] The buggy address belongs to the object at ffff8881029fc640
[ 11.515365] which belongs to the cache kmalloc-32 of size 32
[ 11.516220] The buggy address is located 0 bytes inside of
[ 11.516220] freed 32-byte region [ffff8881029fc640, ffff8881029fc660)
[ 11.517367]
[ 11.517545] The buggy address belongs to the physical page:
[ 11.518168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fc
[ 11.518717] flags: 0x200000000000000(node=0|zone=2)
[ 11.518980] page_type: f5(slab)
[ 11.519326] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 11.519914] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 11.520155] page dumped because: kasan: bad access detected
[ 11.520335]
[ 11.520404] Memory state around the buggy address:
[ 11.520583] ffff8881029fc500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.521311] ffff8881029fc580: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 11.521953] >ffff8881029fc600: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.522388] ^
[ 11.522806] ffff8881029fc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.523765] ffff8881029fc700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.524261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.463870] ==================================================================
[ 10.464897] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 10.465712] Read of size 1 at addr ffff888103990000 by task kunit_try_catch/173
[ 10.466518]
[ 10.466634] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.466683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.466732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.466755] Call Trace:
[ 10.466769] <TASK>
[ 10.466963] dump_stack_lvl+0x73/0xb0
[ 10.467003] print_report+0xd1/0x650
[ 10.467027] ? __virt_addr_valid+0x1db/0x2d0
[ 10.467049] ? page_alloc_uaf+0x356/0x3d0
[ 10.467067] ? kasan_addr_to_slab+0x11/0xa0
[ 10.467088] ? page_alloc_uaf+0x356/0x3d0
[ 10.467105] kasan_report+0x141/0x180
[ 10.467127] ? page_alloc_uaf+0x356/0x3d0
[ 10.467150] __asan_report_load1_noabort+0x18/0x20
[ 10.467169] page_alloc_uaf+0x356/0x3d0
[ 10.467187] ? __pfx_page_alloc_uaf+0x10/0x10
[ 10.467206] ? __schedule+0x10cc/0x2b60
[ 10.467228] ? __pfx_read_tsc+0x10/0x10
[ 10.467248] ? ktime_get_ts64+0x86/0x230
[ 10.467274] kunit_try_run_case+0x1a5/0x480
[ 10.467299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.467321] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.467344] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.467366] ? __kthread_parkme+0x82/0x180
[ 10.467387] ? preempt_count_sub+0x50/0x80
[ 10.467412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.467435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.467457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.467481] kthread+0x337/0x6f0
[ 10.467498] ? trace_preempt_on+0x20/0xc0
[ 10.467521] ? __pfx_kthread+0x10/0x10
[ 10.467539] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.467568] ? calculate_sigpending+0x7b/0xa0
[ 10.467589] ? __pfx_kthread+0x10/0x10
[ 10.467607] ret_from_fork+0x41/0x80
[ 10.467627] ? __pfx_kthread+0x10/0x10
[ 10.467644] ret_from_fork_asm+0x1a/0x30
[ 10.467674] </TASK>
[ 10.467685]
[ 10.482359] The buggy address belongs to the physical page:
[ 10.482563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990
[ 10.482814] flags: 0x200000000000000(node=0|zone=2)
[ 10.483708] page_type: f0(buddy)
[ 10.483881] raw: 0200000000000000 ffff88817fffb3e0 ffff88817fffb3e0 0000000000000000
[ 10.484391] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 10.484886] page dumped because: kasan: bad access detected
[ 10.485226]
[ 10.485500] Memory state around the buggy address:
[ 10.485779] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.486247] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.486690] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.487182] ^
[ 10.487456] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.488046] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.488443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.435068] ==================================================================
[ 10.435526] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 10.436641] Free of addr ffff888102890001 by task kunit_try_catch/169
[ 10.437075]
[ 10.437211] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.437262] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.437274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.437296] Call Trace:
[ 10.437311] <TASK>
[ 10.437331] dump_stack_lvl+0x73/0xb0
[ 10.437363] print_report+0xd1/0x650
[ 10.437386] ? __virt_addr_valid+0x1db/0x2d0
[ 10.437411] ? kasan_addr_to_slab+0x11/0xa0
[ 10.437431] ? kfree+0x274/0x3f0
[ 10.437450] kasan_report_invalid_free+0x10a/0x130
[ 10.437475] ? kfree+0x274/0x3f0
[ 10.437495] ? kfree+0x274/0x3f0
[ 10.437511] __kasan_kfree_large+0x86/0xd0
[ 10.437533] free_large_kmalloc+0x4b/0x110
[ 10.437552] kfree+0x274/0x3f0
[ 10.437648] kmalloc_large_invalid_free+0x120/0x2b0
[ 10.437677] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 10.437700] ? __schedule+0x10cc/0x2b60
[ 10.437774] ? __pfx_read_tsc+0x10/0x10
[ 10.437798] ? ktime_get_ts64+0x86/0x230
[ 10.437837] kunit_try_run_case+0x1a5/0x480
[ 10.437864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.437889] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.437925] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.437950] ? __kthread_parkme+0x82/0x180
[ 10.437973] ? preempt_count_sub+0x50/0x80
[ 10.437999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.438022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.438044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.438066] kthread+0x337/0x6f0
[ 10.438082] ? trace_preempt_on+0x20/0xc0
[ 10.438106] ? __pfx_kthread+0x10/0x10
[ 10.438133] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.438155] ? calculate_sigpending+0x7b/0xa0
[ 10.438177] ? __pfx_kthread+0x10/0x10
[ 10.438205] ret_from_fork+0x41/0x80
[ 10.438226] ? __pfx_kthread+0x10/0x10
[ 10.438243] ret_from_fork_asm+0x1a/0x30
[ 10.438275] </TASK>
[ 10.438286]
[ 10.447590] The buggy address belongs to the physical page:
[ 10.447849] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102890
[ 10.448325] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.449056] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.449305] page_type: f8(unknown)
[ 10.449462] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.450404] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.451181] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.451764] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.452305] head: 0200000000000002 ffffea00040a2401 00000000ffffffff 00000000ffffffff
[ 10.452985] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.453494] page dumped because: kasan: bad access detected
[ 10.454065]
[ 10.454188] Memory state around the buggy address:
[ 10.454578] ffff88810288ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.455079] ffff88810288ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.455524] >ffff888102890000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.456083] ^
[ 10.456245] ffff888102890080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.456523] ffff888102890100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.457214] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.412172] ==================================================================
[ 10.412643] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 10.413245] Read of size 1 at addr ffff888102890000 by task kunit_try_catch/167
[ 10.413833]
[ 10.414020] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.414072] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.414084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.414107] Call Trace:
[ 10.414119] <TASK>
[ 10.414139] dump_stack_lvl+0x73/0xb0
[ 10.414168] print_report+0xd1/0x650
[ 10.414193] ? __virt_addr_valid+0x1db/0x2d0
[ 10.414216] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.414237] ? kasan_addr_to_slab+0x11/0xa0
[ 10.414257] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.414278] kasan_report+0x141/0x180
[ 10.414300] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.414326] __asan_report_load1_noabort+0x18/0x20
[ 10.414346] kmalloc_large_uaf+0x2f1/0x340
[ 10.414367] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 10.414388] ? __schedule+0x10cc/0x2b60
[ 10.414411] ? __pfx_read_tsc+0x10/0x10
[ 10.414431] ? ktime_get_ts64+0x86/0x230
[ 10.414456] kunit_try_run_case+0x1a5/0x480
[ 10.414483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.414504] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.414528] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.414550] ? __kthread_parkme+0x82/0x180
[ 10.414572] ? preempt_count_sub+0x50/0x80
[ 10.414596] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.414619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.414641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.414664] kthread+0x337/0x6f0
[ 10.414680] ? trace_preempt_on+0x20/0xc0
[ 10.414703] ? __pfx_kthread+0x10/0x10
[ 10.414721] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.414741] ? calculate_sigpending+0x7b/0xa0
[ 10.414762] ? __pfx_kthread+0x10/0x10
[ 10.414780] ret_from_fork+0x41/0x80
[ 10.414799] ? __pfx_kthread+0x10/0x10
[ 10.414817] ret_from_fork_asm+0x1a/0x30
[ 10.414847] </TASK>
[ 10.414858]
[ 10.425297] The buggy address belongs to the physical page:
[ 10.426058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102890
[ 10.426400] flags: 0x200000000000000(node=0|zone=2)
[ 10.426880] raw: 0200000000000000 ffffea00040a2508 ffff88815b139a80 0000000000000000
[ 10.427382] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 10.428133] page dumped because: kasan: bad access detected
[ 10.428492]
[ 10.428703] Memory state around the buggy address:
[ 10.428889] ffff88810288ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.429215] ffff88810288ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.429519] >ffff888102890000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.430179] ^
[ 10.430323] ffff888102890080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.430957] ffff888102890100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.431394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.383711] ==================================================================
[ 10.384936] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 10.385302] Write of size 1 at addr ffff88810289200a by task kunit_try_catch/165
[ 10.385530]
[ 10.385640] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.385688] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.385699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.385752] Call Trace:
[ 10.385784] <TASK>
[ 10.385802] dump_stack_lvl+0x73/0xb0
[ 10.385830] print_report+0xd1/0x650
[ 10.385853] ? __virt_addr_valid+0x1db/0x2d0
[ 10.385874] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.385896] ? kasan_addr_to_slab+0x11/0xa0
[ 10.385929] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.385951] kasan_report+0x141/0x180
[ 10.385973] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.386000] __asan_report_store1_noabort+0x1b/0x30
[ 10.386020] kmalloc_large_oob_right+0x2e9/0x330
[ 10.386042] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 10.386065] ? __schedule+0x10cc/0x2b60
[ 10.386087] ? __pfx_read_tsc+0x10/0x10
[ 10.386107] ? ktime_get_ts64+0x86/0x230
[ 10.386131] kunit_try_run_case+0x1a5/0x480
[ 10.386156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.386177] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.386200] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.386223] ? __kthread_parkme+0x82/0x180
[ 10.386245] ? preempt_count_sub+0x50/0x80
[ 10.386271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.386293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.386315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.386337] kthread+0x337/0x6f0
[ 10.386353] ? trace_preempt_on+0x20/0xc0
[ 10.386376] ? __pfx_kthread+0x10/0x10
[ 10.386393] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.386414] ? calculate_sigpending+0x7b/0xa0
[ 10.386435] ? __pfx_kthread+0x10/0x10
[ 10.386452] ret_from_fork+0x41/0x80
[ 10.386472] ? __pfx_kthread+0x10/0x10
[ 10.386489] ret_from_fork_asm+0x1a/0x30
[ 10.386520] </TASK>
[ 10.386531]
[ 10.399808] The buggy address belongs to the physical page:
[ 10.400019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102890
[ 10.400270] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.400489] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.401090] page_type: f8(unknown)
[ 10.401551] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.402413] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.403430] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.404228] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.405067] head: 0200000000000002 ffffea00040a2401 00000000ffffffff 00000000ffffffff
[ 10.405785] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.406161] page dumped because: kasan: bad access detected
[ 10.406327]
[ 10.406394] Memory state around the buggy address:
[ 10.406548] ffff888102891f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.406762] ffff888102891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.407457] >ffff888102892000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.407856] ^
[ 10.408113] ffff888102892080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.408451] ffff888102892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.408700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.345975] ==================================================================
[ 10.346391] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 10.346866] Write of size 1 at addr ffff888102ab5f00 by task kunit_try_catch/163
[ 10.347850]
[ 10.348146] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.348196] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.348210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.348231] Call Trace:
[ 10.348243] <TASK>
[ 10.348267] dump_stack_lvl+0x73/0xb0
[ 10.348295] print_report+0xd1/0x650
[ 10.348318] ? __virt_addr_valid+0x1db/0x2d0
[ 10.348339] ? kmalloc_big_oob_right+0x316/0x370
[ 10.348361] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.348384] ? kmalloc_big_oob_right+0x316/0x370
[ 10.348406] kasan_report+0x141/0x180
[ 10.348427] ? kmalloc_big_oob_right+0x316/0x370
[ 10.348454] __asan_report_store1_noabort+0x1b/0x30
[ 10.348474] kmalloc_big_oob_right+0x316/0x370
[ 10.348497] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 10.348521] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 10.348556] kunit_try_run_case+0x1a5/0x480
[ 10.348581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.348602] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.348625] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.348647] ? __kthread_parkme+0x82/0x180
[ 10.348669] ? preempt_count_sub+0x50/0x80
[ 10.348694] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.348717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.348739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.348762] kthread+0x337/0x6f0
[ 10.348778] ? trace_preempt_on+0x20/0xc0
[ 10.348801] ? __pfx_kthread+0x10/0x10
[ 10.348819] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.348839] ? calculate_sigpending+0x7b/0xa0
[ 10.348860] ? __pfx_kthread+0x10/0x10
[ 10.348878] ret_from_fork+0x41/0x80
[ 10.348899] ? __pfx_kthread+0x10/0x10
[ 10.348926] ret_from_fork_asm+0x1a/0x30
[ 10.348957] </TASK>
[ 10.348968]
[ 10.360575] Allocated by task 163:
[ 10.360725] kasan_save_stack+0x45/0x70
[ 10.360950] kasan_save_track+0x18/0x40
[ 10.361352] kasan_save_alloc_info+0x3b/0x50
[ 10.361774] __kasan_kmalloc+0xb7/0xc0
[ 10.362183] __kmalloc_cache_noprof+0x189/0x420
[ 10.362344] kmalloc_big_oob_right+0xa9/0x370
[ 10.362495] kunit_try_run_case+0x1a5/0x480
[ 10.362874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.363454] kthread+0x337/0x6f0
[ 10.363875] ret_from_fork+0x41/0x80
[ 10.364269] ret_from_fork_asm+0x1a/0x30
[ 10.364669]
[ 10.364835] The buggy address belongs to the object at ffff888102ab4000
[ 10.364835] which belongs to the cache kmalloc-8k of size 8192
[ 10.365830] The buggy address is located 0 bytes to the right of
[ 10.365830] allocated 7936-byte region [ffff888102ab4000, ffff888102ab5f00)
[ 10.366498]
[ 10.366574] The buggy address belongs to the physical page:
[ 10.366822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0
[ 10.367536] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.368546] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.369136] page_type: f5(slab)
[ 10.369590] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 10.369881] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 10.370128] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 10.370361] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 10.370706] head: 0200000000000003 ffffea00040aac01 00000000ffffffff 00000000ffffffff
[ 10.371584] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 10.372505] page dumped because: kasan: bad access detected
[ 10.373260]
[ 10.373508] Memory state around the buggy address:
[ 10.374087] ffff888102ab5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.374461] ffff888102ab5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.375251] >ffff888102ab5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.376262] ^
[ 10.376671] ffff888102ab5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.377401] ffff888102ab6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.378001] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.299077] ==================================================================
[ 10.299585] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.300233] Write of size 1 at addr ffff888102f60478 by task kunit_try_catch/161
[ 10.300604]
[ 10.300702] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.300775] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.300787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.300820] Call Trace:
[ 10.300834] <TASK>
[ 10.300853] dump_stack_lvl+0x73/0xb0
[ 10.300996] print_report+0xd1/0x650
[ 10.301025] ? __virt_addr_valid+0x1db/0x2d0
[ 10.301049] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.301070] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.301092] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.301112] kasan_report+0x141/0x180
[ 10.301134] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.301159] __asan_report_store1_noabort+0x1b/0x30
[ 10.301180] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.301201] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.301249] ? __schedule+0x10cc/0x2b60
[ 10.301275] ? __pfx_read_tsc+0x10/0x10
[ 10.301309] ? ktime_get_ts64+0x86/0x230
[ 10.301336] kunit_try_run_case+0x1a5/0x480
[ 10.301362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.301384] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.301408] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.301431] ? __kthread_parkme+0x82/0x180
[ 10.301453] ? preempt_count_sub+0x50/0x80
[ 10.301480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.301503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.301525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.301547] kthread+0x337/0x6f0
[ 10.301564] ? trace_preempt_on+0x20/0xc0
[ 10.301588] ? __pfx_kthread+0x10/0x10
[ 10.301606] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.301626] ? calculate_sigpending+0x7b/0xa0
[ 10.301648] ? __pfx_kthread+0x10/0x10
[ 10.301665] ret_from_fork+0x41/0x80
[ 10.301685] ? __pfx_kthread+0x10/0x10
[ 10.301702] ret_from_fork_asm+0x1a/0x30
[ 10.301775] </TASK>
[ 10.301788]
[ 10.310267] Allocated by task 161:
[ 10.310441] kasan_save_stack+0x45/0x70
[ 10.310669] kasan_save_track+0x18/0x40
[ 10.310871] kasan_save_alloc_info+0x3b/0x50
[ 10.311124] __kasan_kmalloc+0xb7/0xc0
[ 10.311442] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.311947] kmalloc_track_caller_oob_right+0x99/0x520
[ 10.312185] kunit_try_run_case+0x1a5/0x480
[ 10.312393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.312677] kthread+0x337/0x6f0
[ 10.312963] ret_from_fork+0x41/0x80
[ 10.313138] ret_from_fork_asm+0x1a/0x30
[ 10.313339]
[ 10.313423] The buggy address belongs to the object at ffff888102f60400
[ 10.313423] which belongs to the cache kmalloc-128 of size 128
[ 10.314123] The buggy address is located 0 bytes to the right of
[ 10.314123] allocated 120-byte region [ffff888102f60400, ffff888102f60478)
[ 10.314518]
[ 10.314629] The buggy address belongs to the physical page:
[ 10.314943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 10.315253] flags: 0x200000000000000(node=0|zone=2)
[ 10.315420] page_type: f5(slab)
[ 10.315581] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.315930] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.316266] page dumped because: kasan: bad access detected
[ 10.316495]
[ 10.316813] Memory state around the buggy address:
[ 10.317016] ffff888102f60300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.317324] ffff888102f60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.317656] >ffff888102f60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.318102] ^
[ 10.318415] ffff888102f60480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.318773] ffff888102f60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.319102] ==================================================================
[ 10.319825] ==================================================================
[ 10.320175] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.320545] Write of size 1 at addr ffff888102f60578 by task kunit_try_catch/161
[ 10.320902]
[ 10.321222] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 10.321287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.321344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.321366] Call Trace:
[ 10.321379] <TASK>
[ 10.321395] dump_stack_lvl+0x73/0xb0
[ 10.321431] print_report+0xd1/0x650
[ 10.321455] ? __virt_addr_valid+0x1db/0x2d0
[ 10.321476] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.321509] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.321531] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.321552] kasan_report+0x141/0x180
[ 10.321584] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.321610] __asan_report_store1_noabort+0x1b/0x30
[ 10.321630] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.321651] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.321673] ? __schedule+0x10cc/0x2b60
[ 10.321695] ? __pfx_read_tsc+0x10/0x10
[ 10.321773] ? ktime_get_ts64+0x86/0x230
[ 10.321801] kunit_try_run_case+0x1a5/0x480
[ 10.321827] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.321860] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.321883] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.321906] ? __kthread_parkme+0x82/0x180
[ 10.321945] ? preempt_count_sub+0x50/0x80
[ 10.321970] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.321992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.322014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.322045] kthread+0x337/0x6f0
[ 10.322061] ? trace_preempt_on+0x20/0xc0
[ 10.322085] ? __pfx_kthread+0x10/0x10
[ 10.322112] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.322133] ? calculate_sigpending+0x7b/0xa0
[ 10.322155] ? __pfx_kthread+0x10/0x10
[ 10.322172] ret_from_fork+0x41/0x80
[ 10.322192] ? __pfx_kthread+0x10/0x10
[ 10.322209] ret_from_fork_asm+0x1a/0x30
[ 10.322239] </TASK>
[ 10.322249]
[ 10.330581] Allocated by task 161:
[ 10.330771] kasan_save_stack+0x45/0x70
[ 10.330975] kasan_save_track+0x18/0x40
[ 10.331113] kasan_save_alloc_info+0x3b/0x50
[ 10.331256] __kasan_kmalloc+0xb7/0xc0
[ 10.331388] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.331717] kmalloc_track_caller_oob_right+0x19a/0x520
[ 10.331976] kunit_try_run_case+0x1a5/0x480
[ 10.332344] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.332518] kthread+0x337/0x6f0
[ 10.332652] ret_from_fork+0x41/0x80
[ 10.333215] ret_from_fork_asm+0x1a/0x30
[ 10.333453]
[ 10.333562] The buggy address belongs to the object at ffff888102f60500
[ 10.333562] which belongs to the cache kmalloc-128 of size 128
[ 10.334912] The buggy address is located 0 bytes to the right of
[ 10.334912] allocated 120-byte region [ffff888102f60500, ffff888102f60578)
[ 10.336042]
[ 10.336151] The buggy address belongs to the physical page:
[ 10.336525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f60
[ 10.337290] flags: 0x200000000000000(node=0|zone=2)
[ 10.337688] page_type: f5(slab)
[ 10.337959] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.338379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.338880] page dumped because: kasan: bad access detected
[ 10.339222]
[ 10.339325] Memory state around the buggy address:
[ 10.339697] ffff888102f60400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.340037] ffff888102f60480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.340472] >ffff888102f60500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.341235] ^
[ 10.341535] ffff888102f60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.342036] ffff888102f60600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.342364] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 108.274777] WARNING: CPU: 0 PID: 675 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 108.275308] Modules linked in:
[ 108.275521] CPU: 0 UID: 0 PID: 675 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 108.276117] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 108.276368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.276753] RIP: 0010:intlog10+0x2a/0x40
[ 108.276943] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 108.277630] RSP: 0000:ffff88810375fcb0 EFLAGS: 00010246
[ 108.278466] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110206ebfb4
[ 108.278930] RDX: 1ffffffff10925a0 RSI: 1ffff110206ebfb3 RDI: 0000000000000000
[ 108.279218] RBP: ffff88810375fd60 R08: 0000000000000000 R09: ffffed1020537d80
[ 108.279472] R10: ffff8881029bec07 R11: 0000000000000000 R12: 1ffff110206ebf97
[ 108.279910] R13: ffffffff88492d00 R14: 0000000000000000 R15: ffff88810375fd38
[ 108.280160] FS: 0000000000000000(0000) GS:ffff8881d0a93000(0000) knlGS:0000000000000000
[ 108.280519] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.280816] CR2: ffff88815a928000 CR3: 00000000504ba000 CR4: 00000000000006f0
[ 108.281129] DR0: ffffffff8a630900 DR1: ffffffff8a630901 DR2: ffffffff8a630903
[ 108.281424] DR3: ffffffff8a630905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.281972] Call Trace:
[ 108.282106] <TASK>
[ 108.282220] ? intlog10_test+0xf2/0x220
[ 108.282408] ? __pfx_intlog10_test+0x10/0x10
[ 108.282624] ? __schedule+0x10cc/0x2b60
[ 108.282974] ? __pfx_read_tsc+0x10/0x10
[ 108.283184] ? ktime_get_ts64+0x86/0x230
[ 108.283344] kunit_try_run_case+0x1a5/0x480
[ 108.283585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.283898] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.284123] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.284371] ? __kthread_parkme+0x82/0x180
[ 108.284555] ? preempt_count_sub+0x50/0x80
[ 108.284875] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.285113] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.285298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.285612] kthread+0x337/0x6f0
[ 108.286027] ? trace_preempt_on+0x20/0xc0
[ 108.286206] ? __pfx_kthread+0x10/0x10
[ 108.286398] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.286610] ? calculate_sigpending+0x7b/0xa0
[ 108.286946] ? __pfx_kthread+0x10/0x10
[ 108.287144] ret_from_fork+0x41/0x80
[ 108.287318] ? __pfx_kthread+0x10/0x10
[ 108.287459] ret_from_fork_asm+0x1a/0x30
[ 108.287753] </TASK>
[ 108.287923] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 108.236162] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 108.236479] Modules linked in:
[ 108.236701] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D N 6.15.4-rc3 #1 PREEMPT(voluntary)
[ 108.237602] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 108.238059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.238548] RIP: 0010:intlog2+0xdf/0x110
[ 108.239125] Code: 49 88 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 97 47 81 02 89 45 e4 e8 ef c6 56 ff 8b 45 e4 eb
[ 108.239971] RSP: 0000:ffff888105cc7cb0 EFLAGS: 00010246
[ 108.240325] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020b98fb4
[ 108.241044] RDX: 1ffffffff10925f4 RSI: 1ffff11020b98fb3 RDI: 0000000000000000
[ 108.241337] RBP: ffff888105cc7d60 R08: 0000000000000000 R09: ffffed1020e161c0
[ 108.241846] R10: ffff8881070b0e07 R11: 0000000000000000 R12: 1ffff11020b98f97
[ 108.242163] R13: ffffffff88492fa0 R14: 0000000000000000 R15: ffff888105cc7d38
[ 108.242481] FS: 0000000000000000(0000) GS:ffff8881d0b93000(0000) knlGS:0000000000000000
[ 108.242821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.243195] CR2: dffffc0000000000 CR3: 00000000504ba000 CR4: 00000000000006f0
[ 108.243673] DR0: ffffffff8a630904 DR1: ffffffff8a630909 DR2: ffffffff8a63090a
[ 108.244202] DR3: ffffffff8a63090b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.244570] Call Trace:
[ 108.244684] <TASK>
[ 108.244845] ? intlog2_test+0xf2/0x220
[ 108.245183] ? __pfx_intlog2_test+0x10/0x10
[ 108.245426] ? __schedule+0x10cc/0x2b60
[ 108.245667] ? __pfx_read_tsc+0x10/0x10
[ 108.245891] ? ktime_get_ts64+0x86/0x230
[ 108.246287] kunit_try_run_case+0x1a5/0x480
[ 108.246510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.246826] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.247067] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.247370] ? __kthread_parkme+0x82/0x180
[ 108.247623] ? preempt_count_sub+0x50/0x80
[ 108.247843] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.248326] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.248643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.249070] kthread+0x337/0x6f0
[ 108.249225] ? trace_preempt_on+0x20/0xc0
[ 108.249429] ? __pfx_kthread+0x10/0x10
[ 108.249768] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.250107] ? calculate_sigpending+0x7b/0xa0
[ 108.250351] ? __pfx_kthread+0x10/0x10
[ 108.250553] ret_from_fork+0x41/0x80
[ 108.250925] ? __pfx_kthread+0x10/0x10
[ 108.251138] ret_from_fork_asm+0x1a/0x30
[ 108.251376] </TASK>
[ 108.251529] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.616224] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI